eBay

It's actually the bidders accounts have been compromised via phishing scam. The scammer gets the password, gets into the bidder's account, checks bidding history, confirms their email address, and sends through the 2nd chance email based on items from their bidding history.  Our account wasn't hacked, passwords are regularly changed, and the 2nd chances flood in daily to our customers. It seems a lot of people will freely log into their account at a bogus URL when asked to do so via random email.

The scanmmer can't get the bidder information as anyone checking your possible second chance bidders would show as r***T  or H***L or any such combination and are therefore hidden,(eBay only uses 2 letters or numbers from their ID and puts the *** in between).

Any scammer can not see their full id,only you can or anyone else that is able to log into your account.

So there is no way that the scammer would be sending second chance offers to a buyer for a listing that they know nothing about.

It sounds more like scammers are stealing your listings and others that have bid on your items are either bidding on them or complaining why they didn't get a second chance offer.

If they haven't had a second chance offer from you then the scammer can't send them one as they can't get that information from a listing,X-(

I will repeat, I doubt my account was compromised (not via phishing as I am always careful, monitor URL when I click a link, etc.); and if it is the seller's account, he should only be able to get my ID from the bidding list, not my real name and email without requesting it or get in contact with me.

There are multiple case like this and they seem to all be for items ending in thousand of dollars.  And they seem to all be in recent weeks (March/April).  There are older scam, but not with real name + email, etc.

One of the best written example is there: http://bidamount.blogspot.co.uk/2013/04/the-new-ebay-second-chance-offer-scam.html

The guy says "The did tell me the information did not come from my own account after doing some checking on login data." -- he went as far as verifying login information with eBay.

Plus the email used is similar to the one used for me (jr engineer was in both)

Only way he could have got that guy's info via phishing, it would be to ask these personal info, but someone will find it suspect that a phish scam ask for the name, etc. (and I sure have not give back my name to eBay).  I am still wondering if the people doing that have not found a way to get that information (e.g. via an unprotected web service).  Unless we have a kind of virus trojan that monitor everything on our side, etc.  But I doubt.  We cannot conclude it is phishing that easily.

go-tazz.....'The scanmmer can't get the bidder information as anyone checking your possible second chance bidders would show as r***T  or H***L or any such combination and are therefore hidden,(eBay only uses 2 letters or numbers from their ID and puts the *** in between'...

correct, until the seller leaves feedback for the buyer, then all bidder information is viewable from what I have seen.

Also I recently had to pay a techy to fix my computer as I had malware take over the whole darn thing. He explained to me 'It isn't the site you are on per se...it is the ADVERTISERS that site sells advertising space to that places the malware on your computer, so the same must apply for hackers, all they have to do is ADVERTISE on ebay to work their way through the systems of the HOST SITE, in this instance ebay.

There are that many external advertisers on ebay now you would be hard pressed to know who was legit & who was paying simply to access ebay's database.

Ebay won't accept liablility, it leaves them open to having to pay compensation, can't have the CEO losing his lunch money can we !!

It might certainly be possible but if that was the case we would have heard about a lot more fake second chance offers.

currently being targeted by a sophisticated scam involving sending 2nd change offers to bidders on our items.

These offers are only linked to this seller so that is the common ground,(the other one like in the link above are only targeting that sellers buyers so it the same scenario).

They would have possibly done the same as this seller:not via phishing as I am always careful, monitor URL when I click a link, etc.

The perfect opportunity for the scammer to download a Keylogger/Trojan that will access your information without you knowing anything about it,(they will keep relaying any information from the time they where downloaded).

You need to run all your Virus and Malware programs to see what you might have downloaded.

That's why eBay can't explain it because it has nothing to with them as the information is coming from the sellers PC.

Keyloggers are commonly sent as email attachments and via links in instant messages that point to the infected file.

Keyloggers may record all keystrokes, or they may be sophisticated enough to monitor for specific activity - like opening a web browser pointing to your online banking site or other secure sites.

When the desired behavior is observed, the keylogger goes into record mode, capturing your login username and password.

eBay should be held responsible for protecting user's confidential information.  If the fraud is initiated by hacking into eBay and obtaining buyer's direct contact information which is ultimately used to target specific eBay users, eBay should be held accountable.

ebay has lost the plot its just not relaible liek it used to be , and they will loose sellers tenfold , ebay just dug their own grave 😞

Also I recently had to pay a techy to fix my computer as I had malware take over the whole darn thing. He explained to me 'It isn't the site you are on per se...it is the ADVERTISERS that site sells advertising space to that places the malware on your computer, so the same must apply for hackers, all they have to do is ADVERTISE on ebay to work their way through the systems of the HOST SITE, in this instance ebay.   There are that many external advertisers on ebay now you would be hard pressed to know who was legit & who was paying simply to access ebay's database.   Ebay won't accept liablility, it leaves them open to having to pay compensation, can't have the CEO losing his lunch money can we !!

YES.. that is so true.. 

I had Adblock Plus on my Chrome browser.. I hardly see any advertisements... I also use Bullguard that now puts a little green tick beside safe sites when I do google searches...