CNET reported on eBay’s ongoing phishing problems, noting that the latest is a security hole in eBay’s existing platform that allows phishers to redirect targets from legitimate eBay URLs to malicious ones. This is a particularly danderous exploit, as by passing through eBay to another site, even a fairly sophisticated surfer might not know what has happened until it is too late.
Have to hand some kudos to eBay, however, as they consistently recognize problems such as these, and make fixes no matter what the effort might require. A classic example is their recent internal messaging implementation. It eliminates a lot of email from the members’ inbox, which likely cuts down substantially on phishing possibilities. Another initiative they take very seriously is education, which was also mentioned in the article. Users are consistently reminded of phishing attempt possibilities, what to look for, and how to report it. And they don’t convolute their warnings with tons of technical mumbo jumbo that their core user base can’t understand. Clearly, a combination of proper planning, and thinking about the customer.
It doesn’t hurt that by implementing online messaging, people are drawn to the site for information too. Darn good thinking, Meg and Co.
You can read the full text here: eBay scrambles to fix phishing bug | CNET News.com.