Ebay Hacker

I got a message this morning from Ebay that I had changed my email address. I HADN’T! As it turns out, someone had taken over my account and placed several listings. I contacted Ebay right away and within an hour, they had changed my email back to the original and canceled the bogus auctions. This person had changed my password so I couldn’t get into my account, modified my confirmation questions, and all of my contact info.

Wow, that was weird and scary. I’m including the message I got from Ebay below with info on how this could have happened. I didn’t fall for #1, but maybe was a victim of #2 or 3.

It appears your account was taken over by a third party and used to place several unauthorized listings on eBay. Additionally, the email address on your account may have been tampered with, which is why you may not have received an email about these listings. Based on these factors, we have restored your eBay account at this time.

Let us suggest a few ways this take-over could have occurred:

First, there have been a number of email messages recently sent to eBay members asking for User IDs and passwords. These unsolicited and spoofed messages appear to come from eBay Support, but in fact do not. eBay never requests sensitive information of this nature via email.

Second, if you use a fairly simple or easy-to-guess password, it’s possible that someone could guess it after repeated attempts. For this reason, it’s important to use a password that consists of a combination of letters and numbers making it very difficult to guess. The same applies for the password hint question. It’s also important to use different passwords for the various online accounts you use (email, PayPal, etc).

Last, there are a number of computer viruses in circulation that log and record keystrokes. It’s recommended that computer users keep their virus alert software up-to-date, and check their system often for problems. A firewall for high-speed internet users is also highly recommended.

Regards,

Customer Support (Trust and Safety Department)
eBay Inc

Wow. I had that happen to a friend of mine just a couple weeks past. She’s a mac user, if that had anything to do with it.

Microsft just announced the other day that there are 5 critical updates to protect security for it’s Windows users. Hacking into Outlook has been a problem and this free patch is suppose to fix that. Go to THIS update and download center.

That is scary. And I admit I’ve been a bit casual – quite possibly smug, even – as I’m on a Mac. Thanks for the update and the tips! OK if I pass that Outlook info on to our IT guy, Lorenzo? (gee, and they thought hanging about on boards was a waste of valuable work time)

Sure…here’s a link about security being in the news.

http://news.google.com/news?q=microsoft+critical+security+updates&hl=en&lr=&ie=UTF-8&oe=UTF-8&sa=N&tab=nn

Wow. I had that happen to a friend of mine just a couple weeks past. She’s a mac user, if that had anything to do with it.

I seriously doubt it. I’m not an expert, but I know that Macs are much more secure than Windows, and there is currently no known virus in the wild for OS X.

Let me clarify–I’m not saying that Macs are immune from viruses. I’m just saying that the fact that she’s on a Mac didn’t make her MORE vulnerable.

I’m using Windows but not Outlook, just to clarify. I have a Norton virus program that gets automatic updates and my computer is set for a full scan every night at 3 am. And, this still happened! Very frustrating.

I use the same password for virtually everything I do since I don’t want to have to remember a couple dozen passwords. But, I went through some of my major accounts today, including online banking, Paypal, and a bunch of others and changed them to different passwords. I hope that makes a difference.

Now I’m freaked.

I don’t know if they hacked ebay or her personal computer, but she didn’t run any firewall or anti virus, and no router, and on broadband. She just assumed because she had a mac she was untouchable.

If someone could access the email one recieves from ebay that is in the mailbox, after winning an auction, a lot could be learned about someones account, and then requesting a new password, in some cases, perhaps not ebay.

Up untill about 1½ years ago, I stored variations of my bank account numbers, passwords, etc, on my computer. In fact, I even had a new email folder called “saved” which I could easily keep newly copied material on for reference…just open the mail and there it was. I no longer keep sensitive material on the computer, since the computer is nearly always online.

BTW, my brother is a computer tech person and he says he shuts his computer down every night. Continual running eats on the memory I guess, if even just a little. Also, it keeps the system clear instead of the need to boot up when something doesn’t seem right.

A trick to come up with easy to remember passwords is to use the first letter from the first 10 words or so of a poem or song. Adding numbers or special characters makes it even harder to guess.

For example, “Mary had a little lamb whose fleece was” would give a password of mhallwfw. If the password is case sensitive, capitalize one or more of the internal letters. Guessing mhaLlwFw8 would be pretty hard even for a hacker who knew I used this method.

I have to change my password at work every 90 days and I could never remember it without a system like this.

Angelo

If you are into ITM why not use the ABC notation for a bar of a jig or reel you know?

• banking - The Hag with the money
  email - Letter from home
  Ebay - The market town
  etc

A lot cooler than Mary had a little lamb …

Cheers!

/MarcusR