Over the weekend, several hundred eBay listings were edited to include a message saying “To buy the item now email [a gmail address]”. Several hundred accounts were compromised: the scammers used four gmail accounts to target high value items such as cars, hi-fi and jewellery.

There have been some reports stating that the site was hacked, but this is incorrect. Vanessa Canzini (eBay UK’s PR Manager) confirmed to TameBay today that the site itself remained secure. eBay have released a statement to confirm “that the eBay site has not been hacked or compromised in any way” and that the accounts “were compromised and edited after seller password details were obtained via spoof/phishing emails.”

eBay also point out that they “can provide redress in the rare instance that things go wrong, with the payment protection schemes it offers to both buyers and sellers, but this redress can only be provided if people carry out all transactions on the site.” It’s well known that eBay and PayPal are the target of 75% of all phishing activity on the net, so hacked accounts or in eBay parlance “TKO accounts” (TaKen Over), are nothing new. The only notable fact from the weekend’s activity is that the scammers appear to have saved up several hundred eBay account user names and passwords to edit auctions in bulk.

Just how much is your eBay user name and password worth? To anyone who’s had the horror of their account taken over quite a lot. To the scammers surprisingly little. Normally those perpetrating the scams aren’t those phishing for passwords. There’s an open market where phishers sell on account details for pennies.