I’ve been active online since 1988-89 when I got my first Prodigy account. It was bound to happen sooner or later.
I’m still not sure exactly how it happened. I checked my email this morning and this was the most recent message:
Dear [my ebay username],
Your account may have recently been used for fraudulent purposes. For this reason, we have temporarily suspended your account to protect your online security.
If you think that your account may have been tampered with, please contact our Live Help team immediately. To reach the Live Help team:
1. Click the “Live Help” link at the top of most eBay pages. An “eBay Live Help” chat box will open.
2. Click the “Account Security” link. A “Securing Your Account and Reporting Account Theft” Help page will open.
3. Scroll down to the bottom of the page.
4. Click the “Live help” link.
…
Right underneath it was another email.
Dear [username],
We have temporarily disabled the automatic payment of your invoices. We’re sorry for the inconvenience, but we’ve taken this action to ensure that you’re being charged only for amounts that you actually owe.
If you’re not currently an active seller, then our action should have no effect upon your account and the following information is for your information only.
…
Even after both of these emails, I didn’t immediately believe it was for real. I assumed it was a phish, trying to get me to log in and “verify” my account.
Sure enough, I went to ebay.com in my browser, attempted to login and got a message that my account was suspended for fraudulent activity.
Crap.
I go back to my inbox and see 5 “Your ebay listing is confirmed” for Louis Vuitton handbags. All 1-day auctions with Buy It Now prices. Amazingly enough, those listings happened around 5:20 am and the email from ebay advising of “possible unauthorized account use” arrived at 5:46 am. Whatever security measures ebay has in place to detect this kind of thing happening seem to have kicked in quickly. Even so, 2 auctions had buyers.
First thing I did was change the password on my email and PayPal accounts. It doesn’t appear there was any unauthorized activity on either, but it seemed the logical first move. Then I “spoke” to ebay through Live Help to confirm to them that I wasn’t the one who placed the auctions. They reactivated my account, having me set a new password and they cleaned out everything the crooks may have done. I hope. ebay support says that the PayPal account for the auctions wasn’t my PayPal account, which for all I know may have been what tipped off security.
I think I was lucky. Looks like the thieves were looking for the easy score of the “Buy It Now” listing which they could only get from an account with some feedback history. I first registered for ebay in March 1999 and have a 91 100% positive feedback rating. I also don’t use the account that often, another factor that may have made it an easy target.
I would just like to know how it happened. I’m assuming that because I had a relatively weak password (stupid, I know) they somehow guessed in. I don’t use that password anywhere else. In fact, for the last few months I’ve been using the outstanding 1Password to make sure my passwords are strong and not easily guessed for sites that have personal/financial information. I know they didn’t get my login information from a phish, and I don’t think my email has been compromised.
20 years online and this is the first time this has happened to me. I hope it’s the last.
12 responses to “My ebay account was hacked”
You’re the first friend I’ve had to experience this. I’ve spent the last few minutes changing passwords on the online services I care most about.
I wish you the best with this one…
I went and changed my password to one generated by 1Password just now as well. It too was somewhat weaker. I think a lot of us who have been around for a long time have weaker passwords since hacking wasn’t really something we thought about in 1992 or whenever.
This happened to me a little more than a year ago. I was amazed at how quickly eBay caught it. Definitely inconvenient for me but so much better than the nightmare it could have been.
Hi, I read your blog after searching the web about Ebay being hacked, I can’t find much but what happened some sort of security leak must have happened. Here’s my story ~
Back on the 15th March 2008 I checked my Ebay.co.uk account and after a struggle to gain access to it I managed to get in and found that I had received bad feedback and angry emails and could see that items had been listed for buy it now sales from my account but Ebay had already removed the items themselves by the time I’d logged in. On checking the sellers account history bit of my account I could see that on the 14th March 2008 lots of fake GHD hair straightening irons and UGG boots had been listed from my account. I immediately changed my log in password and secured my Ebay, paypal and email accounts and notified Ebay. They emailed me back (I’ve still got copies of these emails) to confirm that a third party had gained unauthorised access to my account. They removed the negative feedback, notified the buyers, cancelled the charges to my account and tidied up my account.
This whole incident shook me up and although I was happy that everything seemed to be sorted I decided to stop using Ebay (which I only ever used previously for buying not selling). I’m always extremely careful about Phishing emails and scams to gain account log in info so I’ve no idea how they managed it, the other thing is I received no email notifications in my email account about activity on my Ebay account so I’ve no idea how they managed it.
I really thought this was all over with however last Friday I received legal documents from Walker Morris Solicitors acting for Jemella Ltd who own the GHD brand. They are accusing me of selling those fake GHD products on Ebay and are demanding that I pay them compensation within the next 7 days for ‘trade mark infringement’. I’ve tried to contact Ebay to provide more proof of the transactions to clear my name but I’ve not had a response yet. I’ve visited the Citizens Advice Bureau and got some advice there!
Also even though it happened just over a month ago and Ebay sorted out my account I have still reported the whole incident to the Police for them to investigate, after all it is serious fraud and identity theft. My advice would be to report your hacked account to the police and make sure you keep copies of all correspondence with Ebay just in case there are any comebacks.
Happened to me once and I’ve been online since 1990. I caught it before ebay did.
Someone got in my account and listed a Mac computer for sale… of course, I was not selling a Mac computer. Glad I caught it. Someone would have bought it and paid for it, waiting for me to deliver something I did not have.
I recommend strong passwords: upper and lower case, letters, numbers, and !@#$%^^ characters. 10 character minimum. Not just for ebay, but for all accounts. If your password is easy enough for you to remember, it’s easy enough for someone to guess.
To Cj – I don’t think it was your site I was on, but I have actually received a set of ‘GHD’ straighteners from a hacked seller. They were shipped from Shanghai (there’s a joke in there somewhere!) & I still have the details. Contact me directly if you think this information might help
It is not the one. Hackers don’t guess passwords; they install stealer logs and other spyware in your computer to steal your information.
I’m sure everybody posting above has fixed their problems by now. So this goes out to those who come after me.
If there is any suspicious activity on your account as mentioned above, get logged in. Reset your password and immediately go into your account information.
**If for some reason you would get a “timed out” message when trying to enter a new password, clear your internet cache and cookies. If you don’t know how to do this Google it for your specific browser.
Take note of any changes made to your personal information. Then contact eBay live chat’s Account Security dept. Tell them the situation and be prepared to answer questions with the information noted in your personal information. Mention any bids, listings and seller fees that came about from the fraudulent activity.
Tell them the situation and hopefully if you catch it soon enough you will have no trouble convincing them it was not you. Tell them everything that had been changed by the hacker in your account info.
After chatting with eBay, go back into your personal information under the account tab on the my eBay page. Make up a name and address, use a new email address (one you have access to) and an alternative phone if possible. If not possible, make that up too! Change your security question. These are all bits of information the hackers can use to re-access your account even after you have changed the password.
If you have a paypal account change that password too! Be sure to check for any fraudulent activity there as well. You may also consider sending paypal an email to inform them of your recent hijacking. Let them know that any other paypal accounts tied to your eBay username are fraudulent accounts. Provide any information that was changed on your eBay account by the hacker (name, address, phone, credit card) so they may cross-reference. Not sure that this helps, but it can’t hurt!
As venkatesh mentioned, these hackers could be getting your information from keyloggers or spyware. Just to be safe, make sure you have a reliable anti-virus and firewall running 24/7. Make sure your anti-virus is set up to run automatic scans, at the very least, once a week.
Also, I recommend downloading malwarebytes (free) from download.com. It is great at sniffing out nasties! Make sure to do an update FIRST. Then a full system scan.
If you are on a router check your security settings. This can usually be done by typing 192.168.1.1 or 192.168.0.1 into the address bar of your browser and looking for a firewall or security tab. Each router is different so check your owner’s manual for the complete information.
I see some recommendations for a password generator. I haven’t used that but would like to recommend Keepass password safe. It is a place to store all of your passwords, accessible with one master passphrase, and it also has a customizable (character) random password generator. Use it to store all of your passwords, and it wouldn’t hurt to update every password you’ve ever had. With only one phrase to remember to get into the password safe you can make all of your passwords ridiculous in length and any mix of symbols, letters, numbers, dots, dashes….as long as the site you are logging into allows it.
Last, go to http://www.annualcreditreport.com and get your free annual credit report from all 3 agencies. This isn’t one of the sign up for a monthly fee deals. Absolutely no sign up involved, free or otherwise. It’s the site to get the reports that the agencies are required by law to give you once a year. Be sure to print them out!
If you would like to be extra safe you may consider creating new email accounts. Or at least one new email account for all of your financial stuff. Try if possible to make these accounts through your ISP. They are less likely to get hacked than hotmail, gmail, etc. If you use multiple email accounts, consider downloading incredimail so that you can access all of your email accounts from one place. Plus it saves the passwords so you don’t have to constantly retype them. Just a consideration for you….
Hope this comes in handy for somebody. It’s what I learned along the way and maybe it can save you a little time and frustration.
Boogers
BTW…if you decide to go with Keepass password safe buy yourself a usb flash drive to save the program and database on. It is a portable app meaning that it can be installed directly to a usb drive and run on any computer. Call me paranoid, but maybe you should encrypt that drive too, just in case you lose it. Truecrypt should do the job, and it’s free.
(Always save a back up of the Keepass database!!!)
Still going on, mine has been hijacked twice now in the past month, first one Ebay caught, I reset my password with a much harder one, then today I tried to log in and my user name was bad! I called Ebay and they fixed it in a few minutes, said someone in Austria had hijacked it and used it so they cancelled all the purchases and reset my account, again I reset my password but it appears they have my email address and password so they are checking my email for updates and I can’t seem to get my ISP to change my email password as they use it for the login on my router and it would be a 60 mile round trip to adjust things if they change it. What a pain, me with a 100% of over 1000 deals on Ebay. Guess mine is a desirable account to hijack!
Yep, happened to me just over a week ago. Someone got into my account and listed packs of iPhones. Been a nightmare changing everything as 9 people bought these. I have been trying to organise refunds for these people; trouble is I have a French Paypal account and they have frozen this for now as someone also tried adding a bank account to this. I can’t do any more and there are at least 2 people at present that are £320 out of pocket until they release the funds.