Ebay’s phishing hole

Ebay has long been a target for fraud. Some of it has to do with the gamey nature of eBay – everyone is looking for a “steal” of a deal, and some simply take it literally. As the market has become more liquid, it is less a place to find basement-price bargains, at least legitimately, but the auction format and reputation are still enough to fool some folks into buying non-existent goods at some ridiculously low price.

But of course, eBay and its cousin Paypal have also been the pawn in many phishing attempts. And like the tracking of a deadly disease, it would be interesting to hear how it got started and why, and what ebay is doing about it. Well now you can.

Frank Fortunato over at Internet.com is running a two part report on eBay fraud. The first post discusses the early battles with phishing emails, the Paypal acquisition that made the company even more vulnerable by introducing elements of the banking system to thieves, and the escrow services we smart folk knew were scams to begin with.

Ignore Frank’s blurb on wireless, which Spamroll has already warned you about several times over (and has little to do with eBay anyway). The most interesting part of the piece was the discussion of eBay’s fraud prevention measures.

Points to emphasize are the structure of eBay’s customer service squads, which only cover the top sellers (and not much on the buy-side), as well as the stealthy nature by which eBay addresses the issue of fraud. Subtle disclosure and difficult to find security links are purposed to warn customers about fraud without scaring them off the site.

The follow-up is promising some common sense measures both eBay and its users can employ in the fight against fraud. Stay tuned.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.