I shore do like that pink guitar. Aint it purty? it's been on ebay about a million times now. Along with all the other stuff. You'd think they would have been watching for it all, eh?
Golly gee, why oh why didn't ebaY's purported staff of thousands along with their magical software catch that?
Is anyone truly that incompetent?
Took about 30 seconds flat to find that.
Gee, you don't suppose they were making false statements regarding the immensity of their security staff and quality of their technology in all the recent press we've seen do you?
You see what else is odd? No delays, no limitations, no nothing.
Chopped Victoriously, or Insider Assisted, maliciously?
Other than that, what else could it be?
-- Edited by budnonymous on Friday 15th of November 2013 10:28:02 PM
^ This lady had her dormant ebay account hijacked, whereupon sleazebay and their debt collectors came after her like rabid Hyenas to the tune of thousand$. If you have an ebay account you do not use, make sure to close it out or fix your bank account and credit card accounts so that ebay/paypal cannot withdraw from them. Ebay recently changed the billing language in their user agreement so as to allow then to deduct from your attached payment methods, as well as the collections parts of it.
Also, pretty easy to consider the ownership of the ebay forums by escort service/call girls and other spammers, as a hack job, since they are scooting right by whatever forum moderation filters may (or may not ) be in place. It's hilarious! They are even using intimidation tactics now to silence users who want a clean forums.
Now just a sample of the account take-overs, they have not missed a beat. Notice the high-end items, the amount of them, the rapidity with which they were listed, the immediacy of visibility.
Clearly the hackers have abilities to bypass whatever filters, policies etc which 'regular' ebay members do not have.
You will note the hacker's MO is basically the same, yet ebay is unable to defeat that challenge after all this time... hmmm
Victim/Seller's list in the Trading Cards category, where it looks like the bulk of the fraud listings were placed. Everything you see which is NOT a Trading card there is most likely fraud. Once again, hackers get around whatever category suggestions/restrictions ebaY may have.. Many times they are able to list duplicate high end items, in so-called "high fraud" categories, sometimes hundreds if not thousands... hmmm...
^ oops, forum resizes. Full page screencap available upon request
Just a quick reminder thast the hijacked and/ fraud listings are continuing..
I've seen hijacked accounts and the dedicated zero feedback new users listing the high fraud items, and ebay's crack security team at work. A couple examples:
A development with the fraud listings which is troubling for a couple reasons.
First off, this one may not actually be hacked, but a dedicated account just opened by the memberrussbutl on May 8th 2013. Much like the one I posted the tweet about above. This particular item/identical photo etc has been used very recently for scam listings.
Second, notice there isn't any image or text with outside contact instructions in the listing?
Third, for whatever reason, the small "beacon" icon indicating the member/seller is brand new, while showing on the seller list and fb pages is absent on the listing page.
The paypal logo is flying as payment method, along with that glorious "rock solid guarantee" of ebay buyer protection.
What may well be the case here is that the scammer has a fake paypal account to take the payment on, or perhaps hijacked/hacked/taken over someone else's? At any rate, they seem ready willing and able to take paypal payment.
That seems to be a risky combination of variables for would-be buyers/bidders
oh yeah, can't let this go by without mention. ^ notice that entirely fake "people who bought this also bought..." showing up everywhere, even (or mostly) places/listings where nothing sold!. wow lmao
(see my tweetstream for some of the latest on the fake ebay and paypal accounts for sale problem. It may be more like pandemic than epidemic by now.)
There was also another similarly recently registered account, robcar234 ( 0 ) that had listings for items like that, but with the contact info image. Those are now removed, yet the account remains active/ in good standing w/e. Visual documentation available upon request.
Update:
bwhahaha I'm looking at this russbtl's listings. Now showing is a contact instructions image, with the text to contact robcar234 at g-mail. By adding to the listing, as opposed to revised.
Hilarious!
For whatever reason I guess they couldn't add the image to the original listing or revise it? technical issue, maybe just forgot or whatever?
The fake paypal (and ebaY) account issue still remains. Maybe not on these particular listings, but overall. I can tell you there is a great deal of interest in them.
-- Edited by budnonymous on Sunday 12th of May 2013 10:02:18 AM
Look what I found on ebay! (Zero) feedback rated seller Hacked! http://www.ebay.com/sch/scottb0g/m.html... LoLz @ebay#fraud filters pic.twitter.com/oqfpq3HawW
Yesterday evening I found yet another hijacked/ hacked account, koulithegreek so I though I might just tweet it out to the head monkey in charge, as it were.
Tonight I go look again and the listings are still there, only the hosting site where the hacker's images, including the contact me at bla blah has gone down. This batch had the name lany.ebay at you know where dot com as contact info.
I'm guessing that ebay needs those fvf's and the ad revenue. LoLz
Keep up the great work, ebaY.
Twitter / Cappnonymous: @Tallboy6 Trade with hacked ... https://twitter.com/Cappnonymous/status/327249993503236098/photo/1 [more]
This is very telling. It pretty clearly shows that ebay has another outbreak of the xss flaw disease, and on ebay.com not just ebaymotors. It also supports and/or confirms what I found the other day with javascript based buttons and links leading to phishing/login pages. I may have been on one of the same pages, but not been affrected the same way due to how I have my browser set up?
At any rate , take note. ebay is not safe! The lack of safety is compounded by lack of any recourse and/or accountability.
Please note I've made the links unclickale. Don't try to visit them, no way of telling what may happen if you do. The forums.ebay.com embedded images /urls are probably safe.
Everything seems normal until somehow the page reloaded itself and I noticed that the web address has changed from hxxtp://www.ebay.com/itm/CANON-EOS-1D-MARK-IV-16-1-MP...... to hxxp://nauk2paw2.com/ws/eBayISAPl.php?ViewItem&item=321105524769&seller=bkmoores
Now finding fake login pages, active javascript links in the user generated content. These did not auto-direct. You had to click to get to the phishing/login page.
Looks like ebay has already removed them but keep your eyes peeled. Or just avoid ebaY like your life depends on it. If yiu've been following along you know they're really slacking off in their responsibilities and obligations to the shoppers and the sellers.
Besides here and the Cappnonymous wordpress blog, you can look on my tweetstream to see more carnage reported. You can find sad, disillusioned ebay members on the Trust & Safety forum also discussing similar things.
update: oops almost completely forgot, within a day or two of this event, similar fraud listings appeared with links to contact forms where the scam-hackers wanted your phone numbers. It's updated at blog with screencaps etc.
-- Edited by budnonymous on Sunday 12th of May 2013 09:51:01 AM
ebay's trust & safety or security team is in fine form tonight, unlike hacking /account takeover victim millenium_showcase, who's account has been filled with fraud listing for a few days now.
Note the same ol' same ol' items, bids raised sky-high by whatever ebay do-gooders out to defend ebay's honour.
psssst ... the ebay ceo just got $30 million. Do you think they can afford to hire their own staff to clean the place up, IF they WANTED to?
Things are starting to heat up a little on sleazebay with the account takeovers. No Batboy sightings yet but something about the nature of the scam listings sure has a familiar ring to them. Ongoing event, as the victims'a accounts are still loaded with fake listings. Ebay is aware of the hijackings but they've deleted multiple forum posts warning people instead of taking down the fraud listings.
Just a brief update to let folks know the hijackings continue...
I'm wondering whether the last glitch on ebay dealing with the seller limits and listings trashed don't have something to do with sleazebay attempting to correct the problem?
Lately there's been quite a few shooting star level members hijacked. LoLz! Still waiting for even one of them to say they gave away their passwords or fell for phishing, or for sleazebay's PR dept to say it.
As has been demonstrated for years, hackers have the abilty to bypass ebay's supposed 'fraud filters' and they still do, despite the sellers' limits. site unsafe; ebay lies!
I put this on my Cappnonymous blog due to the stature if the seller hijacked. There was at least 2 other victims that night, one of them, ebay member ks3311 finally got their items/seller list cleaned up sometime today. I wonder how many buyer victims there were?
Just another reminder that paypal is compromised. Spoof email addressed to the client's proper name. The hackers/phishers/whatever aren't guessing these names or getting them via psychic abilities.
I believe this may be one of ebaypal's biggest cheerleader/resident schills btw
Returned home today to find an email from Paypal for a payment for $199.74 to eBay seller PINZOO I never made. I didn't click and links but it was sent to may Paypal email address and addressed me by name. All email links were shown as in .ru though. No debit's were shown in Paypal though and no activity shown in my bank account. My guess is if I logged in to Paypal using any of the links in the email it would have attempted the charge. This one is real looking with fake links to the resolution center even.
Best thing you can do is never use paypal or ebay. If you have accounts, close them down and do whatever you need to in order to ensure they cannot draw from your bank accounts or credit cards. They are notorious for mysterious 'glitches' as well as being hacked, cracked and zombied!
here is the url of the image contained in the hijacked listings:
http://infopicseb.com/b.jpg
I find this hilarious of course for more than one reason. First, ebay bots are now interfering with normal communications between buyers & sellers by false flagging of email messages purported to contain offers to conduct biz off ebay etc. Bu they're not able to find these? bwhahahaha!
Second, apparently this hijacker isn't aware they could just go buy a fake ebay and paypal account or complete Fake ID packages at any number of places and scam like there's no tomorrow.
Longevity, feedback score etc etc all mean nothing on sleazebay now, with the proliferation of the fake accounts.
Victims wil never even know when they've landed on one of those listings until after they've ben scammed. It may well be a sad Holiday for lots of folks shopping sleazebay this year.
ebay/paypal have a big hacking problem on their hands with fraudulent shipping labels to the Russian Federation and elsewhere in that area of the world. As usual, they're resorting to sleaze tactics to keep it hush-hush.
Victims are suffering great losses, having their lives turned upside down. Very serious shizzle.
Just another reminder that PayPal has been compromised, either by hackers or insiders. There's not any other reasonable or plausible explanation which exists to allow for paypal phishing emails to contain the client's real name etc. I suppose another possibility exists; that ebay/PP mangement are secretly selling your info to scammers because they need the money!
Sure, I'm laughing but it's no joke. Look at what all else they've been caught doing.
I got an email supposedly from Paypal about "Limited Account Access" but I suspect to be a spoof. It was in my spam folder, so already that was red flag. I'm familiar with spoofs with generic salutations like "Dear Paypal Member", but what's unusual is that this email addressed me by my full name.
Have you ever received a Paypal spoof that addressed you by your full name (or business name)? When I logged in to Paypal (through the actual website, of course), everything looked fine, and there was no notification requiring my attention.
The email I believe to be a spoof did contain suspicious links requesting me to log in. So, I'm wondering if nowadays it's NOT unusual for Paypal phishing emails to actually contain a person (or business') real name in the salutation.
BTW, you may notice that the last poster advised to send the email to paypal's spoof address. That is a bogus meaningless, recommendation. Nothing but a pacifier without any real effect or solution to the real trouble. Reason being is that they ID anything & everything sent there as a spoof.
Don't believe me? try it with any known valid paypal email communication. Go ahead. No human being will ever see it. When they auto-bot-send back the notice telling you is was fraud/phishing, send that back to them too. A winner every time! LoLz!
As we should all realize by now, ebay and paypal do NOT act upon reports of fraud unless or until it somehow becomes an embarrassment to them in the electrosphere.
-- Edited by budnonymous on Wednesday 22nd of August 2012 06:29:31 PM
Just a little reminder tha these account hijackings are still ongoing... using the same method of having an image with instructions to contact the scammer via email. In this example the seller (victim) has 3 expensive (imaginary) dive masks, one of the scammer's favorite baits. There are many many more examples there right now with very expensive items across the range of categories.
Of course this has been going on for years and there's nothing ebay can or will do to stop or prevent this. Ebay then sends a bogus invoice to the hijack victim and strongarms them into paying, or they attach or link that now delinquent victimized account to another (often random) member's account and force/coerce them to pay the bogus balance in order to continue operating on ebay/with paypal. All this while ebay knows full well the original victim's account was hacked/hijacked.
In case anyone is wondering, YES, the account hijackings are still ongoing. Found these in no time flat. yet ebay with their bot-armies and filters can't. I wonder why that is?
I'm sure we could find thousands upon thousands of these hijacked listings/acounts each and every day, had we the time...
You'll notice this has literally been going on for years and they've never been able to stop it. I'm glad they have bots to detect unauthorized use of google checkout, and cash though LoL!
("LieWorld" is ebay's sleazy forum moderation service, and self-admitted professional undercover liars in case you were unaware)
But to the point, they left up the live phishing link on their forums for anywhere +/- 36 hrs, even actually had their forum "helpers" bumping the post! Failed to report the site apparently too.
They then redirected the post, once pulled, to an ebay login page, as opposed to the normal 'error' page! Very strange... isn't it?
Complete visual documentation at links. Don't miss it!
-- Edited by budnonymous on Saturday 31st of March 2012 07:04:12 AM
I see the hacking and account takeovers at ebay are still going strong. Business as usual. LoL. Here is a member who had no less than 762 fake iPhone listings inserted into theirs.
I didn't get a chance to view the listings before ebaY began to remove them, so I'm not sure whether they just contained instructions to contact outside of ebay or something else, but there was this little thing on trendmicro about redirects within fake iPhone listings.
This may be the same person whom chimed in on the above paypal forums thread with post 156. The reported dollar amount, along with other details is the same.
On October 16, 2011 (Sunday), I decided to pay a couple of bills. I usually don't use the computer on Sunday, since I work on one all week. After paying the bills, I checked my email and quickly glanced over them. I noticed one from PayPal and I was about to chunk it in the trash when I noticed the words "Receipt for Your Payment to Gmarket". I thought it was spam mail, but I read it anyway. I noticed the amount of $834.77 and my heart rate started to sky rocket! "Who in the H3ll is Gmarket!", I screamed inside!
It would appear that either hackers have yet another way into Paypal, via GMarket somehow, or they have some more insider fraud on their hands. There are not any other plausible explanations for this.
On Oct. 1st, I received notice via email that PayPal had made payment from my checking account in the amount of $681.24 to an Ebay owned company called Gmarket. This was not of my doing and I immediately (within an hour) disputed the charge through the resolution center at PayPal. On October 3rd the amount was deducted from my checking account. Had I known that PayPal would not stop the transaction I would have called my bank the Monday morning of the 3rd and notified them of the fraudulent request. But regretfully I didn't. I'm not sure it would have made a difference as I have since contacted them and they informed me that it would take 10 days to investigate before they could take any action.
In the meantime, I am awaiting the 7 day "use my money for free" period that Gmarket has to respond to my dispute. They have my $681 and I have been trying to juggle funds here to avoid any overdraft charges. It seems to me that this is a case of a scammer making all the rules and calling all the shots while using my money - at my expense. Is my only recourse to just wait the 7 days and hope that PayPal comes through?
I have called PayPal and they say to contact my financial institution. I called my financial institution and they say it's a 10 day wait. I have emailed Gmarket and got no response. I have contacted Wells Fargo Bank, who initiated the ACH for Gmarket and they say they have no control over Gmarket or my money. Gmarket has no phone number and they are located in Korea. I would think this whole thing is really fishy since Ebay owns Gmarket and PayPal. I am not a registered member of Gmarket and never knew they existed until they took my money.
I know there are a lot of experienced buyers and sellers here who have been there and done that....What would you do? Is this a more serious offense because they are all bedfellows who are manipulating me and my money? I mean illegal in a different way than being an ordinary hacker/scammer just trying to steal my money. Any suggestions appreciated.
...(now skipping to post 156...)
Oct 16, 2011 11:08 AM
Reply
I just received an email this morning saying I sent a successful payment of $834.77 USD to pay@gmarket.co.kr. I logged in my paypal account and sure enough the transaction was there.
I quickly disputed the transfer and called my bank (Wells Fargo). Since the transfer was not pending or there yet, they told me they could not do anything. So, I quickly transferred all my money in that account to another account and I will dispute it when I get a NSF charge. I am also putting a hold on that account tomorrow.
Ebay needs to fix this. If I didn't check my email today (Sunday), I would of been out $834.77 and that would of really hurt!!!
(screencapture of page 7, including the Original Post)
If you read the entire thread, you'll see the very same old tired, overexposed shills, reading from the very same script. It's classic ebay forums flim-flam through and through. It's easy to pick out the 'funny' parts and players
It will be interesting to see how many more similar reports pop up.
How long, and with how many victims have the iTunes/Paypal hackings & account drainings been ongoing now without resolutuion?
So much for ebaY's alleged fraud filters, various seller limitations and whatever detection methods they have to ban certain links and images within listings, as they recently enacted...
That is another indication that the site is HACKED, not just 'simple phishing'.
The account take-overs have increased by an exponential rate at ebay!
Seems to be targeting Top Rated Sellers. Still getting multiple listings of the same high-end and even ultra high-end artwork, fine collectibles etc right through with no delay. Hundreds at a time.
Haven't seen this many for quite some time now. Since uhmm.. who ever that one guy was putting the severe hurting ownage on them a while back.
LoLz
Here are a couple samples of the latest, but there have been many, many more
Haha! I see another very highly rated ebay TRS is being hijacked right at this very moment.
monkeygamez with a feedback Score Of 58682, with the shooting star icon.
You may note the very same key phrases being used as last night, and very similar if not the same items. This of course lends to the notion that either ebay is hacked to the core or the hackers have insider help. There are no other plausible explanations. Think about it.