Buyers: Pay Attention!  
 

 

      
     

Be on the lookout...

When a seller responds to a spoof email, they are handing over their eBay user id and password to a crook. That crook can then take over their eBay account and post listings for items they do not have. The legitimate owner of the account is usually not immediately aware that someone has hijacked their seller account. The crook's intention is not necessarily to steal from the seller. The crook is hoping to steal money from unsuspecting buyers like you, usually by offering a deal that is too good to be true

eBay does everything possible to track down these listings and remove them but, that doesn't you won't come across them. How can you tell if a listing has been posted by an account hijacker? Well, besides your exquisite sense of intuition, here is a list of the most common factors. Singularly, they may indicate a fraudulent listing. Two in the same listing? Be on guard. Three or more, Red Alert! don't bid or buy! Report it immediately to eBay. Better safe than sorry.

Unusual Seller Requests

  1. The seller requests that you don't attempt to contact them via the Ask Seller A Question link due to "mail box full" or "mailbox has reached its limit." This is never true!
  2. The seller has requested you contact them before you bid.
  3. The seller has included, usually in very large text, an email address to which they want you to send email. This is almost always in tandem with a request to not use Ask Seller A Question
  4. The seller has included an email form inside their listing (against eBay policy).  This usually consists of one or more text entry boxes and a button to send the email.
  5. The seller has restricted the listing to pre-approved bidders only. (this is so you are forced to contact them at which point they will offer the item to you directly).
  6. Listing is for one day.

Unusual Items or Prices

  1. Seller is offering a lot consisting of several units for a very expensive or desirable item or a popular big ticket item: Examples include laptops, computers, cell phones, PDAs, plasma screen TVs, motorcycles, cars, etc.
  2. Listing is for an item not yet released (otherwise known as a "pre-sale").
  3. Buy It Now price (or direct offer) is "too good to be true."

 

Suspicious Payment Terms

  1. Seller requests payment as a Western Union cash or MoneyGram transfer.

NEVER SEND CASH VIA WIRE TO A STRANGER VIA WESTERN UNION OR ANY OTHER CASH WIRE SERVICE! You will never see the item and you will never recover your cash.

Other Security Safety Tips

Email Requests for Your eBay Information

There are bad guys out there who want your personal information. These crooks are hijacking eBay registrations by exploiting the goodwill and naiveté of many eBay members. These bad guys are creating web sites that look exactly like an eBay web site with forms for entering your eBay, personal and even financial information. They are also sending email that looks like it comes from a legitimate site like eBay or Paypal.  NEVER under any circumstances, enter this information! No matter how legit they appear

If you receive an email requesting you go to a web site to "verify" or "confirm" your eBay registration or informing you that your account has been suspended, don't believe it! Instead, delete the email without responding, entering information or clicking any included links. 

You can learn more about this current scam, what eBay is doing about it and how you can easily protect yourself at 

eBay Security Center

Look for the links for Spoof eMail.

If for some reason, you are suddenly unable to access your eBay account (you receive an error message that your password is invalid) , contact eBay immediately!

Protect Yourself

You can take a few simple pre-emptive steps to prevent anyone from hi-jacking your eBay registration. In addition, these steps will also help protect  all of your crucial personal and financial information.

eBay User ID's

If your eBay User Id is your email address, change it to a non-email address User ID. Having your email address visible on the eBay site is an invitation to the bad guys.

Passwords

Never use obvious passwords like your name, your cat's name, a simple series of numbers or worse of all, your eBay User ID. Create a password with a mixture of numbers and letters with no obvious patterns and don't write it down! Memorize it!

And never, EVER type your password into an email form or in any box, ever!

Never enter your password into a box on a website unless you have navigated directly to the site by typing in its URL yourself!

Web Browser Security

If you are using Internet Explorer as your web browser, make sure you have downloaded and installed the very latest security patches from Microsoft.

Netscape also provides their users with an upgrade to Netscape 7.0 (which they claim is safe from these security issues.)

Disable the "remember password" feature in Internet Explorer by going to Tools, Internet Options, Content, Auto complete. Then uncheck the option for "User Names and Passwords on Forms."

Personal Firewalls

If you connect to the Internet with DSL or cable, you really should use a personal firewall on your desktop computer. Purchasing and installing a personal firewall for your computer is a snap. Find them at eBay!

Finally, the best safeguard against bad guys is you! The steps are easy...

  • Secure your browser
  • Use non-email address User ID's
  • Create complex passwords
  • Install a personal firewall!
  • Always keep your eBay and other personal information to yourself!

 
     
 
     

Were you aware?...

...99.99999999% of all email virus alerts are actually hoaxes?

Read about it here:

http://www.symantec.com/avcenter/hoax.html

I bring this up since today I received yet another warning from a well meaning friend. The warning was for a virus called jdbgmgr.exe which is actually a valid system file (It's a Java debugger). The email contained instructions for deleting this file. It's not a system critical file (though Java may not operate properly on a computer where it is missing). 

Some tips:

1. Never delete a file without first checking out the file name. If you delete a system critical file, you're computer may cease to operate!

2. Never forward an email virus alert. By doing so, you are only helping to perpetrate the hoax as well as spreading misinformation.

3. Help stamp out these hoaxes. If you receive an email alert, always first check the Symantec hoax site and, if the virus alert is listed as a known hoax, send an email back to the sender with the link to the hoax web page. Education is the key.