eBay Hacked, User Accounts Disabled, No Personal Information Compromised - Consumerist Comments

eBay Hacked, User Accounts Disabled, No Personal Information Compromised

SimonSwegles — Fri, 12 Oct 2007 10:36:02 EDT

A few studies have shown that spam is profitable at ludicrously low click-through rates. Microsoft's study determines that a spammer is profitable if 0.001% of the targeted people fall prey to their promises.
There is only a coincidental relationship between any individual's receipt of spam/phishing e-mail and membership in whatever business or organization is being shilled or masqueraded.

SimonSwegles

eBay Hacked, User Accounts Disabled, No Personal Information Compromised

msthe8r — Thu, 11 Oct 2007 13:24:53 EDT

@amoeba:
I have somewhere in the neighborhood of 80 bazillion e-mail accounts, ONE of which has ever actually dealt with Ebay. All of the others get Ebay/Paypal phishing messages, too. That's in addition to the phishing e-mails from around eight different banks I have never had accounts with. It's not just you.

msthe8r

eBay Hacked, User Accounts Disabled, No Personal Information Compromised

Namilia — Wed, 10 Oct 2007 22:16:11 EDT

Thanks to this article, and the comments, I have just closed my Ebay account and as soon as I can I am closing Paypal too. I have been receiving those annoying spoof emails, but had no idea how bad ebay/paypal were at resolving hacked or compromised accounts. Never used it much for fear of getting scammed, but this just gives me one more reason to close an account I hardly ever used anyways (bought 2-3 things over the span of several years and that is it)

Stinks there's a 180 day waiting period when there is nothing outstanding...

Namilia

eBay Hacked, User Accounts Disabled, No Personal Information Compromised

gniterobot — Wed, 10 Oct 2007 20:23:06 EDT

What a bunch of idiots. Ebay contacted me way ahead of time and said if I could verify all my CC info and bank numbers they would add their "ultra" protection absolutely free.

Looks like you all lost out on that deal...suckers.

gniterobot

eBay Hacked, User Accounts Disabled, No Personal Information Compromised

SimonSwegles — Wed, 10 Oct 2007 20:05:16 EDT

@amoeba: I agree, it would be great if someone could come up with a reasonable solution. The crux of the problem with e-mail abuse is that e-mail is run on an inherently insecure protocol. SMTP is very easily abused, and without proprietary extension it is utterly impossible to stem the free flow of the various types of abuse e-mail. Even those proprietary extensions are not a good solution, as they require both the sending and receiving servers to be running the same extensions.
The problem with designing a solution is that there are hundreds of thousands of public e-mail servers on the internet, and billions of e-mail clients. All currently use SMTP protocol. Any corrective change would require either a massive upgrade or migration process which will cause its own problems and interfere with business, or a weak backwards-compatible "upgrade" which will receive little industry support and cause more problems that it solves due to there then being multiple protocol systems to support (and secure).

SimonSwegles

eBay Hacked, User Accounts Disabled, No Personal Information Compromised

amoeba — Wed, 10 Oct 2007 19:07:14 EDT

@SimonSwegles: you may be right, but I'm still disturbed that someone from ebay (I think so) is messing around with email addresses just to have a victim. I am not stupid to give out my personal information, but I think they are invading my territory via email. I have reported to my email server, organizations, paypal, ebay and no solution. I hope someone in consumerist will come one day with a great solution. That'll be awesome!

amoeba

eBay Hacked, User Accounts Disabled, No Personal Information Compromised

loreshdw — Wed, 10 Oct 2007 18:45:24 EDT

Ebay sucks at resolving hacked accounts. I had an account in college I used to sell used books and buy all sorts of fun stuff, but I had to stop when my shopping got expensive. A few years later I sold something for my mom through my account, then left it dormant again. Nine months later I start getting overdue notices from ebay. Someone hacked my account and ran up around $800 worth of listing fees. I contacted Ebay, and got generic emails back about how to prevent phishing. I tried sending a more detailed message, got the another generic response stating it was taken care of and I would not be charged.
Three months later, I get a notice that my account is locked for non-payment of $80. I wrote another email detailing my previous problems, and get another email back stating I will not be held responsible for charges. After trying multiple email addresses I never got a personal response, and only talked with a human when they started calling me for debt collection. I told my whole story again, the service person I spoke with told me it was taken care of.
Just last week a debt collection agency started calling. I hate Ebay.

loreshdw

eBay Hacked, User Accounts Disabled, No Personal Information Compromised

SimonSwegles — Wed, 10 Oct 2007 18:40:53 EDT

@amoeba: You already have the only solution to phishing e-mail: report and/or ignore it. There is absolutely nothing anyone can do to stop such e-mail abuse in our current legislative environment.

SimonSwegles

eBay Hacked, User Accounts Disabled, No Personal Information Compromised

amoeba — Wed, 10 Oct 2007 17:23:13 EDT

Glad you posted this article today. I closed my ebay and paypal account a while ago. I am still receiving phishing messages. Does anyone still getting phishing messages from paypal? I do, and I am tired of reporting them without any real solution.

amoeba

eBay Hacked, User Accounts Disabled, No Personal Information Compromised

RandomHookup — Wed, 10 Oct 2007 17:20:36 EDT

Wow, I truly am in the presence of greatness. I am in awe of your Web Fu.

RandomHookup

eBay Hacked, User Accounts Disabled, No Personal Information Compromised

SaveMeJeebus — Wed, 10 Oct 2007 16:53:28 EDT

@Beerad:
@LetMeGetTheManager: You guys are both a couple of idiots. I got a real job that earns real money--not some scam. All I have to do is buy products to sell to other people to sell for me. I am my own boss and set my own hours. Everything is pure profit after I pay the guy above me. Beat that.

SaveMeJeebus

eBay Hacked, User Accounts Disabled, No Personal Information Compromised

Beerad — Wed, 10 Oct 2007 16:49:23 EDT

@LetMeGetTheManager: A "distant relative"? You stooge, you totally fell for a classic scam! Good thing that I'M dealing with the Nigerian Minster for Foreign Financial Programming who discovered billions in unclaimed funds in a forgotten bank account that he needs my help to recover.

Beerad

eBay Hacked, User Accounts Disabled, No Personal Information Compromised

ancientsociety — Wed, 10 Oct 2007 16:46:55 EDT

Doesn't surprise me.

Ebay & Paypal have horrible, horrible user security. 3 months ago, my wife's and a friend's (separate) paypal accounts were hacked - and not through any "phishing" emails, the theives used backdoors into their accounts.

Luckily, they only got about $50 total but it was a mess trying to close all the bank accounts and CCs associated with the accounts. And, Paypal's "customer service" was a joke, we simply received form email responses. That was the last time any of us used Payapl or Ebay and we certainly won't sign up for anymore.

ancientsociety

eBay Hacked, User Accounts Disabled, No Personal Information Compromised

LetMeGetTheManager — Wed, 10 Oct 2007 16:35:33 EDT

Thank god a distant relative in Ghana was able to send me $10,000,000 in my name (for only a $3000 fee), I get nervous when people try to get information from me.

LetMeGetTheManager