Ebay

Is eBay actually supporting phishing?

From time to time I am wondering if these guys (I am thinking at eBay, PayPal, Amazon, some banks) are actually trying to help phishers to do their “jobs”. The email you seen in the screenshot is a 100% authentic email from eBay Germany. I am being asked, you guessed right, to “protect my eBay account”. “Dear <user>, you have not updated your personal data since more than a year. In order to have your personal data up to date, help us to protect your eBay account better”. Sounds good, right? Please check your personal ebay information and make sure…


No Picture

Quoted in SecurityWeek.com about the eBay data breach

eBay, Security Experts Say Database Dump is Fake By Eduard Kovacs on May 23, 2014 It’s uncertain who is behind the attack, but other cybercriminals and scammers are already trying to profit from the incident. Experts have reported seeing a higher number of PayPal and eBay phishing attacks, (links to this blog) and, a post on Pastebin was found offering to sell 145,312,663 eBay customer records for 1.453 Bitcoin (around $750). “What I find very distressful is the fact that the breach occurred 2 months ago and they found out just two weeks ago,” IT security expert Sorin Mustaca told SecurityWeek.   As far as disclosing…


No Picture

Phishing attempts making use of the eBay data breach

I wrote about the eBay data breach where cybercriminals got access to some eBay employees’ credentials and accessed the internal network. Names, email addresses, postal addresses, phone numbers, birth dates and encrpyted passwords were obtained. eBay started a campaign to reset the password of all their users. More information is available in their FAQ. Unfortunately, the breach occurred some time ago (between February and March this year) and this gave time to the hackers to already make use of the data. eBay communicated that the breach was discovered two weeks ago, but why they didn’t disclose the fact earlier it is not yet…


No Picture

How to change your password on eBay after the security breach

eBay informed customers to change their passwords after a security breach. Cyberattackers compromised a small number of employee log-in credentials, allowing unauthorized access to eBay’s corporate network, the company said. Working with law enforcement and leading security experts, the company is aggressively investigating the matter and applying the best forensics tools and practices to protect customers. The database, which was compromised between late February and early March, included eBay customers’ name, encrypted password, email address, physical address, phone number and date of birth. However, the database did not contain financial information or other confidential personal information. The company said that the compromised employee log-in credentials…


No Picture

Bug or feature: Mime Type Detection

Also known as MIME Sniffing, this is a feature or bug in IE which is the only browser able to dynamically determine the content type of the document it loads. So, in this case, it detects a plain text document with HTML content instead of a an JPG header. And the content of the “JPG” file which is text/html: The URL was reported to Phishtank and CleanMX. The users of Avira Professional and Avira Premium Security Suite are protected if they use the latest Webguard signatures.


By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close