Share:
POST
TWEET
SHARE
SHARE
EMAIL

NEW eBay Business Polices Change notification

By Chris Dawson November 29, 2019 - 11:10 am

We are pleased to report that there is a new eBay Business Polices Change notification being sent to sellers, warning when a change is made to their vital account information.

Earlier this year there were a number of sellers impacted by hackers changing their eBay PayPal email payment address and syphoning funds off into dodgy PayPal accounts and stealing their money. Some of the sellers impacted lost tens of thousands of pounds over periods of months before the news was broken by the one of the first victims, Richard Crisp, who was brave enough to go public and warn others of the danger.

Once Richard went public, it was quickly established that his wasn’t a one off case and, in the weeks that followed, we identified dozens of impacted sellers who collectively lost many hundreds of thousands. Whilst eBay and PayPal never admitted liability for the losses, each blaming each other (eBay said they never touched the funds, PayPal said it was eBay’s problem as that’s where the fraud took place), eBay have been working behind the scenes to secure accounts.

We are pleased to report that we have had no reports of further instances of fraud of this type over the past couple of months and so are hopeful that eBay have now closed the loophole and put measures in place to protect eBay sellers’ accounts. This is further confirmed as we have now seen a new eBay Business Polices Change notification being sent to a seller, who in this instance made a change themselves to their own eBay Business Polices. What this should mean is that if your account is compromised you should at least receive warning if your eBay Business Polices are tampered with.

eBay Business Polices Change notification

In the last 24 hours, we noticed that at least one of your Payment Business Policies has been updated. Please review the changes and confirm the payment details. If you are using a PayPal email address, then carefully review, character by character (i.e., ensure that “l” hasn’t been replaced with “1”, or “0” with “O”, or lowercase “l” with uppercase “i”, etc.) to confirm that it is indeed your correct information.
 
If this change was made by you, then there is no need to do anything. However, if you do not recognise the changes, then please follow the steps outlined here as soon as possible.
 
Thanks for helping to keep eBay a safe place to trade.

Thanks, eBay

There are two things we would strongly encourage you to do to keep your eBay account secure and prevent a hacker from changing your eBay PayPal email payment address:

  1. Use eBay 2-Step Verification
  2. Use eBay Business Policies to manage your eBay PayPal email payment address

    You can opt in to use eBay Business Policies here

  • Annmarie
    2 weeks ago

    Does this mean they are accepting liability? Shame they won’t pay out to people that have lost alot due to hack! Makes you wonder if this would have
    been done if a big store like currys had not been hacked?

    • 2 weeks ago

      It means they are putting steps in place to warn people if vital information (such as their PayPal address) may have been changed on their account.

    • 1 week ago

      Having received an email the other day informing me someone had tried to change (old user name login) and redirect, so it’s helping.

      More worrying and far more common fraud is still very active, the ‘item not delivered’ scam. Earlier this year I identified one individual who was very active in this.

      I had gathered some evidence, it would have been a simple process for ebay to follow up & undertake some more detailed investigation, ensuring a known scammer was removed. Sadly no interest.

  • NorthCrystal
    2 weeks ago

    This is terrible solution to fix terrible problem. There’s few better ways to improve it and potentially stop the hack happening again. An “email notification” is not the required solution. It’s easy for the email to be missed by its receiver, classed as spam, never delivered, or opens another way for hackers to go “phising”.

  • iain
    1 week ago

    This is not a resolution to the problem. We set up policies when we were hacked for the first time this year. When we were hacked for the second time they simply created a new policy with their email address. They then just switched between ours and theirs until we discovered it a short while later. No pat on the back for ebay sorry. Maybe they should start to listen to sellers and put something in place that will actually stop this from happening. We are still no more secure now than we were before they introduced this. Good show ebay!!

  • Nick
    1 week ago

    if eBay use serif fonts like Courier or Times New Roman for email addresses then it would be impossible to mistake seeing a capital i for a lower case L. They would look different. So visual inspections could have identified if the email address is incorrect if they used a serif font. Unfortunately use of modern sans-serif fonts show these letters exactly the same.
    Of course this would not resolve how they got changed in the first place but had the font been a serif font then at least we could visually inspect the email address regularly or make sure we haven’t inadvertently typed in the wrong letter – which would still be possible with the other solutions.

  • iain
    1 week ago

    Good point Nick.
    I personally check our policies at least 5 to 6 times per day now to see if I can see any changes or new policies added. Unfortunately when we were hacked again in October it was when I was away on holiday for a week and I was not able to physically check this myself, they simply came in a nd set up a new policy and took what they wanted over that time. When I first heard of these notifications I thought great, that is one less thing to worry about. How wrong was I.

Have your say

View our Comment Policy

Featured in this article from the Tamebay Guide – companies that can help you grow and manage your business.

eBay

eBay’s mission is to be the world’s favourite destination for discovering great value and unique selection

PayPal

PayPal Working Capital is a merchant cash advance linked directly to your PayPal account.

See More Companies >

Recent Comments

1 min ago
Jim: @tyler It is You who miss the point With your obsession to contradict and argue do...
5 hours ago
tyler: @Jim. I love the way you always ignore the real issue. Your moaning about them but...
10 hours ago
James: @Sam Strange to accuse someone in power of being a populist. Fair enough Boris has been...
12 hours ago
Jim: Ebay make it very clear you get what you pay for or you get your...