UK eBay users at risk
The Times today confirms that UK eBay users are increasingly becoming the targets for phishing and account takeovers. Unsurprisingly eBay Motors continues to be a major target due to the high ticket price of goods in comparison to other categories. It’s a mark of how well eBay have attacked fraudsters and educated their users that scammers are targetting the UK instead of the larger eBay.com market.
Much more worrying is a report on The Register that a new varient of the bayrob trojan has appeared. Previous version installed a webserver on the users computer which sent eBay pages to the users browser masquerading as the eBay website. The new version not only inserts fake eBay pages and supposedly gives a false increase to sellers feedback making them look more trustworthy, but it also spoofs other security sites.
Sites such as Carfax.com, Autocheck.com and Escrow.com that users may use to verify the authenticity of listings. Imagine finding a product to buy and using eBay recommended escrow.com to pay, and then finding not only were you on a fake eBay site but had also paid through a fake security site, even though both exhibited full security information! The trojan also appears capable of displaying false emails in My Messages, the only way to establish if they are authentic is to log on from an uninfected PC and they’ll disappear.
Antivirus companies will be updating their virus signatures to detect the new strain of the virus, but as always it is users themselves who can offer the most protection. The only way the virus can infect your computer is by an attachment to an email. Users should constantly be wary of email attachments, especially if it is unexpected and you don’t know what it contains. If you’re not sure what it contains don’t click and open it!
Finally the ultimate protection when buying a car on eBay is the same as if you were buying it from your local paper. Never ever hand over the cash or sent it though a third party payment method until you’ve seen the car in person. A little common sense can stop a conman dead!
Why do people still ignore the most basic of rules. Don’t open an email attachment unless you’re 100% sure of what it is even if it called “Free Sex and Beer.exe”. 🙂
You can’t blame ebay, Paypal, Windows, your anti-virus package, etc. if you ignore that most basic of rules.