We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Ebay Scam
Options
frank_potter
Posts: 153 Forumite
EBAY FAKE LOGIN PAGE
An item listed on Ebay appears to be directing to a fake Ebay login page.
When I click on the item “kubota kx36 mini excavator digger and twin axle plant trailer” (the listing time of the item 09-Feb 20:52) a blank login page appears directing to the internet address:
http://www.yoodot.com/wp-content/themes/twentyeleven/inc/images/gif/cmd=SignIn&co_partnerId=2&pUserId=&siteid=0&pageType=&pa1=&i1=&bshowgif=&UsingSSL=&ru=&pp=&pa2=&errmsg=&runame=/eBay.php?SignIn
Has anyone else had this happen?
An item listed on Ebay appears to be directing to a fake Ebay login page.
When I click on the item “kubota kx36 mini excavator digger and twin axle plant trailer” (the listing time of the item 09-Feb 20:52) a blank login page appears directing to the internet address:
http://www.yoodot.com/wp-content/themes/twentyeleven/inc/images/gif/cmd=SignIn&co_partnerId=2&pUserId=&siteid=0&pageType=&pa1=&i1=&bshowgif=&UsingSSL=&ru=&pp=&pa2=&errmsg=&runame=/eBay.php?SignIn
Has anyone else had this happen?
0
Comments
-
Ebay appear to have now removed the listing.
For the record however the Ebay link was:
http://www.ebay.co.uk/itm/kubota-kx36-mini-excavator-digger-and-twin-axle-plant-trailer-/281263338807?pt=UK_BOI_Industrial_Tools_Construction_Tools_ET&hash=item417c99f537
Ebayers need to be careful to check that the Ebay login page is genuine.0 -
That's a very high risk item for theft, and with ebay removing listing I wonder if you just got in at the time that it was being removed and essentially got a glitch rather than a specific phishing scam?0
-
Try clicking the Youdot link in post 1 - the link is still active.
Note that on the fake login page non of the hyperlinks work.
I know for a fact that the photo that was used in the Ebay listing concerned had previously been used in earlier scam listings.0 -
None of the links work. Stay signed in cannot be unticked. Cannot click register etc.
User ID and password also not links. A very poor attempt.Censorship Reigns Supreme in Troll City...0 -
That's a very high risk item for theft, and with ebay removing listing I wonder if you just got in at the time that it was being removed and essentially got a glitch rather than a specific phishing scam?
Having now spent a little time researching the occurrence I doubt very much that this was a glitch.forgotmyname wrote: »None of the links work. Stay signed in cannot be unticked. Cannot click register etc.
User ID and password also not links. A very poor attempt.
Although none of the links on the fake login page worked it was probably more than adequate for the purpose of stealing login details.
My primary concern however is how the fake login page managed to appear on the computer. I understand that there are number possible scenarios for how this may have occurred:- One possibility is that malicious software had somehow been installed on the computer I was using. Having subsequently scanned the computer concerned with Malwarebytes, a number of other Antivirus products and finding nothing untoward I believe that this scenario is unlikely. Also, without going into details I would consider the overall security deployed on the system to be well above average.
- XSS Scripting or cross site Phishing is another possibility. I understand from elsewhere that in 2006 the US Department of Homeland Security issued a Vulnerability Note (VU#808921) – stating that the eBay web site contains a cross-site scripting vulnerability: https://www.kb.cert.org/vuls/id/808921
0 -
You can report pages like this on Firefox. Click on help the report web forgery.Come on you Irons0
-
You can report pages like this on Firefox. Click on help the report web forgery.
Thanks – Reported
Ebay really do need to do something to prevent the XSS Scripting (cross site Phishing) vunerability https://www.kb.cert.org/vuls/id/808921.
Serious fraud is taking place as a result of this.0 -
WARNING
Another Ebay phishing fake login page here (DO NOT ENTER EBAY LOGIN DETAILS):
http://www.ebay.co.uk/itm/JCB-TELEHANDLER-526-LOADALL-DIGGER-DUMPER-/231162573166?pt=UK_BOI_FarmingEquipment_RL&hash=item35d25cf16e
(Ebay item number 231162573166 listed 19-Feb 2014 at 16:37)0 -
FOUR MORE EBAY LISTINGS LINKED TO PHISHING EBAY LOGIN PAGES (at 18:57 19th Feb 2014)
(DO NOT enter your login details)
Massey Ferguson MF 3080 4WD 100hp Tractor (Ebay Item no: 231162562888)
New Holland Tractor TM (Ebay Item no: 140231162562922)
Herron Tri axle beaver tail trailer plant trailer (Ebay Item no:231162572967)
John Deere 8400 tractor (Ebay Item no: 231162573074)0 -
Ebay have removed dozens of these in the last week, the scammers are also sending messages to sellers, saying they are interested in buying the item and asking the seller to email them and are giving an email to send to. I got one and found out the scammers are harvesting details through these emails and the fake log in page.
Ebay really need to get on top of this because some people have fallen foul of these scummy scammers.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.2K Banking & Borrowing
- 253.2K Reduce Debt & Boost Income
- 453.7K Spending & Discounts
- 244.1K Work, Benefits & Business
- 599.2K Mortgages, Homes & Bills
- 177K Life & Family
- 257.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards