HOW TO KEEP EBAY IDENTITY THEFT FROM DRIVING YOU CRAZY AND SMASHING YOUR BUDGET
Having your financial or on-line identity stolen or compromised is one of the greatest fears of modern life, so for my eBay 1500 feedback article I’ll give an account of how my eBay ID was compromised and what I did to keep the damage to a minimum.
I was part of the way through breakfast on a Monday when the phone went. A woman wanted to know more about the car I was selling on eBay. My memory isn’t what it used to be, but I was quite sure I was not selling a vehicle, let alone on eBay. The woman sensed my hesitation and suggested that if I was not selling a car I’d better sign in to my account as it was highly likely someone had hacked into it.
Being a breakfast sort of person, I finished it and then logged on. There, as clear as day despite efforts of the cyber criminal to hide it, was a listing for a BMW X5 3.0D Sport Auto, a spiffing people carrier worth in the region of £30,000-40,000. The 24-hour listing had a starting price of £1 but after an hour and a half had attracted several bids and was up to £3,100.
I knew full well that the car did not exist and that the perpetrator had simply scanned in some photos, but clearly several people were taken in, their judgment clouded perhaps by greedy thoughts of acquiring this posh vehicle for a snip. Our cyber thief had attempted to fuel these hopes of a wild bargain by saying he (or she) only needed £5,000 for the car. Wow, what a nice person. Anyone who was paying any attention at all could have seen that this note, small as it was, was not my work as it was very sloppily written, and I try to avoid this sort of thing as I am a journalist by profession.
Despite the fact that my blood was nearing boiling point, I quickly e-mailed the top bidder to say that the bid should be cancelled and that the car didn’t exist. (That person quickly wrote a note to thank me.) I then cancelled the listing and notified eBay.
Then I had a good look at the listing, which by the way had cost me £8.50. All my details were as normal except for the e-mail address, which had been changed to a Hotmail one. This offered a clue as to how the person hoped to get away with the crime. I guessed that the winning bidder would have been messed around in terms of collecting the car and would have eventually been encouraged to pay by PayPal or another electronic alternative, quite possibly with a nice discount as a sweetener. Or perhaps they would have been asked to make an advance payment. The money, of course, would quickly have vanished and I would have been left with an irate buyer with nothing but a couple of scans to show for their cash.
Fortunately the brigand had not made any attempts, at least successful, to hack into my PayPal account, but I quickly changed my password into something much more difficult to type.
EBay takes this sort of thing very seriously, of course, and when I logged on the next morning my account had been frozen. I had received several e-mails about the matter and was invited to contact eBay via a real-time electronic linkup to tackle the mess. First, as eBay’s behest, however, I thought up a new, much more complicated, password and changed my e-mail password as well.
The person at the other end was obviously highly experienced, not a cut-and-paste artist, and very helpful. She made me jump through various hoops to prove my identity and took me through various steps, including verifying that I had changed the three key passwords, and arranged for a refund of the £8.50. The various necessary actions took several hours, and it took several more hours over the rest of the week to undo the damage the miscreant had done by moving parts of my My eBay page to try to disguise the scam and putting information about the car and the bogus e-mail address in one of my templates.
For weeks afterward it seemed I had to sign in using my new password several times a day, including on Turbo Lister, but now things are pretty much back to normal.
I wondered why the cyber thief had picked on me, as I am a registered business user and so presumably check my eBay listings frequently (which I do.) However my feedback is, I say modestly, about as good as it gets – 5.0 for promptness of dispatch, communications and accuracy of listings and 4.9 for postage – and I imagine this was why I was selected.
I still have no idea how the sneak seller managed to get into my eBay account, especially given the confirmation questions that are supposed to be asked when a computer other than my home one is used to do eBay work.
I am grateful that I happened to be home on the day of the attack. Otherwise things could have been much, much worse.
As for avoiding such incidents, I can only suggest considering a complicated eBay password and checking the site at least daily. Otherwise you could get a phone call one day from an angry person wanting to know what has happened to their expensive BMW.
I was part of the way through breakfast on a Monday when the phone went. A woman wanted to know more about the car I was selling on eBay. My memory isn’t what it used to be, but I was quite sure I was not selling a vehicle, let alone on eBay. The woman sensed my hesitation and suggested that if I was not selling a car I’d better sign in to my account as it was highly likely someone had hacked into it.
Being a breakfast sort of person, I finished it and then logged on. There, as clear as day despite efforts of the cyber criminal to hide it, was a listing for a BMW X5 3.0D Sport Auto, a spiffing people carrier worth in the region of £30,000-40,000. The 24-hour listing had a starting price of £1 but after an hour and a half had attracted several bids and was up to £3,100.
I knew full well that the car did not exist and that the perpetrator had simply scanned in some photos, but clearly several people were taken in, their judgment clouded perhaps by greedy thoughts of acquiring this posh vehicle for a snip. Our cyber thief had attempted to fuel these hopes of a wild bargain by saying he (or she) only needed £5,000 for the car. Wow, what a nice person. Anyone who was paying any attention at all could have seen that this note, small as it was, was not my work as it was very sloppily written, and I try to avoid this sort of thing as I am a journalist by profession.
Despite the fact that my blood was nearing boiling point, I quickly e-mailed the top bidder to say that the bid should be cancelled and that the car didn’t exist. (That person quickly wrote a note to thank me.) I then cancelled the listing and notified eBay.
Then I had a good look at the listing, which by the way had cost me £8.50. All my details were as normal except for the e-mail address, which had been changed to a Hotmail one. This offered a clue as to how the person hoped to get away with the crime. I guessed that the winning bidder would have been messed around in terms of collecting the car and would have eventually been encouraged to pay by PayPal or another electronic alternative, quite possibly with a nice discount as a sweetener. Or perhaps they would have been asked to make an advance payment. The money, of course, would quickly have vanished and I would have been left with an irate buyer with nothing but a couple of scans to show for their cash.
Fortunately the brigand had not made any attempts, at least successful, to hack into my PayPal account, but I quickly changed my password into something much more difficult to type.
EBay takes this sort of thing very seriously, of course, and when I logged on the next morning my account had been frozen. I had received several e-mails about the matter and was invited to contact eBay via a real-time electronic linkup to tackle the mess. First, as eBay’s behest, however, I thought up a new, much more complicated, password and changed my e-mail password as well.
The person at the other end was obviously highly experienced, not a cut-and-paste artist, and very helpful. She made me jump through various hoops to prove my identity and took me through various steps, including verifying that I had changed the three key passwords, and arranged for a refund of the £8.50. The various necessary actions took several hours, and it took several more hours over the rest of the week to undo the damage the miscreant had done by moving parts of my My eBay page to try to disguise the scam and putting information about the car and the bogus e-mail address in one of my templates.
For weeks afterward it seemed I had to sign in using my new password several times a day, including on Turbo Lister, but now things are pretty much back to normal.
I wondered why the cyber thief had picked on me, as I am a registered business user and so presumably check my eBay listings frequently (which I do.) However my feedback is, I say modestly, about as good as it gets – 5.0 for promptness of dispatch, communications and accuracy of listings and 4.9 for postage – and I imagine this was why I was selected.
I still have no idea how the sneak seller managed to get into my eBay account, especially given the confirmation questions that are supposed to be asked when a computer other than my home one is used to do eBay work.
I am grateful that I happened to be home on the day of the attack. Otherwise things could have been much, much worse.
As for avoiding such incidents, I can only suggest considering a complicated eBay password and checking the site at least daily. Otherwise you could get a phone call one day from an angry person wanting to know what has happened to their expensive BMW.
posted by Chad Neighbor at
2.6.10
|
0 comments
