on 18-03-2013 05:44 PM
We are a high turnover business and are currently being targeted by a sophisticated scam involving sending 2nd chance offers to bidders on our items. I believe the hack has taken place on the eBay site itself to obtain the bidding information, and the full name and email address of the users that did in fact bid on the item, but not win it.
Through what I believe is a vulnerability in the security of eBay, the hackers have access to eBay's customer database and thus have access to personal information. There are no records of these 2nd chance offers being sent by our account itself. It is a sophisticated hack, taking advantage of us as the high value trader, and using eBay's records of bidding information, and user information. A complete phishing email can be constructed looking exactly as it would if sent from eBay, and being sent to the fraudulently obtained email address of 2nd, 3rd and perhaps 4th highest bidders of the item. The hack takes two forms known to me. One uses an email address as a means to complete the fraudulent sale. The other reported to me only uses a PayPal account designed to receive funds with a 'buy it now' link on the fraudulent 2nd chance offer. We have had numerous reports from over 10 individuals of this fraud who were previous bidders on our items over the past 4 weeks. There would undoubtedly be many, many more instances of the scam taking place, but being unreported.
I believe the hack requires an urgent bulletin posted on eBay, and/or a general email to users advising to be extremely cautious of emails pertaining to 2nd chance offers. This hack should immediately be escalated to a senior security staff member at eBay, and not treated with the templated response as per eBay's usual reply.
We have had reports from customers who have sent money, and presumably lost money due to this fraud. Frustratingly, after reporting this fraudulent activity, eBay has not taken any serious steps to investigate it. I have sent examples of the emails sent (as received from customers), and attempted to speak to higher levels of management. As stated, I believe the hack is taking place on the eBay site itself, therefore, if eBay don't have a solution, or have not been able to ascertain how this is occurring, it is obviously very embarrassing for eBay. This should not be reason enough to take urgent steps to advise customers to beware of this known problem.
on 18-03-2013 05:50 PM
To add to this - The hack isn't on our account. Our account isn't sending any emails, and has not been compromised. I've changed passwords, and run through security checks with eBay customer service. At their end, they've IP limited the account to just us.
on 18-03-2013 05:56 PM
I have had dozens of fake second chance offers, and I have not blamed eBay for any of them. The hackers invariably get the information from people using links in phishing emails, and there is absolutely nothing eBay can do to prevent people being duped into clicking links in emails and passing on their sign-in information.
I would like to bet all my profits for the year that it has nothing to do with the eBay site having been hacked.
If people are gullible enough to fall for fake emails then there is not much eBay or anyone else can do to help them. eBay clearly explain that a second chance offer will be displayed in a member's eBay page, so if all they have is an email and they then go on to pay somebody money without using the protection of eBay then please pass me their details, I have a very nice bridge to sell, free opera house included!
on 18-03-2013 08:59 PM
These scams are fairly common, do you also sell the vehicles on carsales or similar?
It really isn't eBay allowing this to happen, it is buyers not recognizing legit eBay messages and more than likely the offer is too good to be true but they part with their money.
I have seen these scams and the messages and yes they do look legit if you are inexperienced, it is extremely unfortunate that your bidders have fallen for this. It isn't your fault and it is not eBay's either.
on 18-03-2013 09:22 PM
Forget it, stop wasting your breath. eBay won't and will not do anything; ph, send messages won't work, they know what's going on but refuse to do anything about it.
on 18-03-2013 09:33 PM
Perhaps I'm missing something here but how are the scammers identifying the underbidders? Unless I'm mistaken they must have access to the OP's account in some capacity but the 2nd chance offers don't appear to be originating from that account. I'm confused, although that's fairly common 😄
on 18-03-2013 09:36 PM
on 23-04-2013 04:24 PM
I also received one of these scams today. Easy to spot if you check sender email and links, but people are not on their guard like me...
I am not surprised somebody can "find" my username and things I buy even if eBay scrambles the ID (I preferred eBay when it was more open for multiple reasons). I was surprised though that the scammer found my real name and email on top of that (I can think of ways someone can find it, but by reading a couple of similar cases, there is a pattern and there is a big chance they found an easy way to get that info via eBay). And realistically I changed email not long ago, and it is not publicly available, therefore chances are slim.
I even saw a fake reply (not with me) including the buyer's address... it makes me wonder, just like carsalesbay, that the people doing this have found a way to get that information (e.g., through an insecure web service). I do not think sellers can see a member's real contact without requesting them when they proceed the normal way with eBay.
I agree that with most scams, they cannot do much, but for a couple of reasons these ones sound more alarming to me.
on 23-04-2013 08:45 PM
I believe the hack has taken place on the eBay site itself to obtain the bidding information, and the full name and email address of the users that did in fact bid on the item, but not win it.
Which means your account was hijacked, as only you can see the bidders' IDs.
Someone has clicked a link via a phishing email and given them your passwords (which would now stop as you've changed them).
Through what I believe is a vulnerability in the security of eBay, the hackers have access to eBay's customer database and thus have access to personal information. There are no records of these 2nd chance offers being sent by our account itself.
It was your account that was compromised, as only your customers were affected.
If they had hacked eBay there would have been hundreds if not thousands of second chance offers sent all over the place.
They only need the information from you and then they'll set up their own fake site/listings.
The hack isn't on our account. Our account isn't sending any emails, and has not been compromised. I've changed passwords, and run through security checks with eBay customer service.
Your account was compromised as that's how they got the information to send the second chance offers.
They wouldn't send the second chance offers via your site as that achieves nothing for them.
Changing passwords should fix the problem provided no one else clicks on a link in a phishing email :-D
on 23-04-2013 08:52 PM
Old thread resurrected :-(
http://i266.photobucket.com/albums/ii245/phoenix72_2008/brickwall.gif