Thursday, September 20, 2012

Ebay Popup Scam

Their is a new scam using ebay's name. A page rewrites using browser flash plugins to solicit payments by direct money transfer for expensive items that don't exist.

With flash enabled in the viewer browser the pages do a 'double-load' --> the paypal payment bits disappear while direct money transfer is listed as 'protected'. Some other changes occur such as item pictures appearing, item id changing to stop reporting and stop the view of other seller items.

The first hack used external non-ebay servers to work their magic, I presume the new version is the same. Ebay just stonewall and say they couldn't be hacked. This may amount to $80,000 in 3 days for a few items. It's no-flash policy probably stops those ebay staff that scrutinise reported items from seeing what is going on.

1 comment:

  1. Anon Thank you for reporting this scam on Corporate Office Headquarters!