
Phishers hack eBay

Second time this year

A flaw has been discovered on eBay’s website that would have allowed fraudsters to successfully redirect the sign-on process to a phishing site.

Reported by British antiphishing outfit Netcraft, the clever scam apparently started with fraudsters sending emails asking eBay users to update their accounts. So far so normal, as such fake eBay emails are currently one of the phishing world’s persistent lines of attack.

Disarmingly, however, the link provided was genuine and led to the correct eBay sign-in page, signin.ebay.com. If users clicked on it, parameters embedded in the otherwise normal-looking string of characters at the end of the link caused them, once they had signed in, to be redirected away from eBay to a fake phishing page, via an open relay hosted at servlet.ebay.com.

The end result would have been that users gave away information allowing phishers to hijack their accounts, either as a way of laundering money or for launching fake auctions.

According to Netcraft's Paul Mutton, the company first learned of the attack from users of its antiphishing toolbar, which stops the attack, and reported the flaw to eBay last week.

This is not the first time such an attack has been attempted on eBay users. In March, phishers launched an almost identical redirect-style attack, which spoofed the sign-on page itself. Mutton said he considered the latest attack more subtle as it manipulated the real sign-on page, and would therefore be harder for users to detect.

"I believe this new exploit is more serious because it is more convincing," Mutton said. "It is something they can prevent by enforcing stricter coding conventions." At the time of going to press, eBay was unavailable for comment.
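The class of flaw the article describes is a sign-in page that forwards the browser to whatever destination a link parameter names. As an added example (not eBay's code; the parameter name `ru`, the allowed hosts and the sample links are constructed assumptions), here is that vulnerable pattern beside a hardened version that only honours return destinations on the site's own hosts:

```python
from typing import Optional
from urllib.parse import parse_qs, urlparse, urlunparse

# Hosts the sign-in service may hand the browser back to after login.
# Constructed allowlist for this example; eBay's real configuration is not public.
ALLOWED_HOSTS = {"www.ebay.com", "signin.ebay.com"}
DEFAULT_AFTER_LOGIN = "https://www.ebay.com/"


def vulnerable_after_login(return_url: str) -> str:
    """The pattern described in the article: whatever the return parameter
    in the link says is where the browser is sent after a successful sign-in."""
    return return_url


def safe_after_login(return_url: Optional[str]) -> str:
    """Follow the return URL only if it is a clean site-relative path or an
    https URL on one of our own hosts; otherwise use a fixed landing page."""
    if not return_url:
        return DEFAULT_AFTER_LOGIN
    parsed = urlparse(return_url)
    if parsed.scheme == "" and parsed.netloc == "":
        # Site-relative path such as '/myebay'. Reject '//host' and '/\host',
        # which browsers read as a scheme-relative URL pointing at another host.
        if return_url.startswith("/") and return_url[1:2] not in ("/", "\\"):
            return return_url
        return DEFAULT_AFTER_LOGIN
    if parsed.scheme != "https":
        return DEFAULT_AFTER_LOGIN  # also drops javascript:, http:, data: etc.
    host = parsed.hostname or ""  # hostname is lower-cased and strips userinfo/port
    if host not in ALLOWED_HOSTS:
        return DEFAULT_AFTER_LOGIN  # catches 'https://signin.ebay.com@evil.example/'
    # Rebuild the URL from the parts we checked so userinfo and port cannot ride along.
    return urlunparse(("https", host, parsed.path or "/", "", parsed.query, ""))


def after_login_from_link(link: str, param: str = "ru") -> str:
    """Pull the (assumed) return parameter out of a sign-in link and decide
    where the user is sent after login."""
    query = parse_qs(urlparse(link).query)
    return safe_after_login(query.get(param, [None])[0])
```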

The moral is not to click on links in emails just because they look genuine, a fairly disturbing conclusion as this is one of the main criteria people use. Netcraft’s toolbar, a web browser plug-in for Microsoft’s Internet Explorer and Mozilla’s Firefox, is designed to protect against phishing websites, not least by analysing the sort of characters used in this attack.

