Watch out: eBay vulnerability leads to phishing log
Thinking about picking up a used iPhone on eBay? Shop carefully, friends: it's apparently phishing season. The BBC is reporting some auction listings are redirecting to counterfeit eBay login pages -- fronts for phishing scams designed to steal customer usernames and credit card information. The good news is that eBay isn't technically hacked. The online marketplace allows sellers to use scripting to gussy up item listings. Cross-site scripting is generally not allowed, but these scammers are doing it anyway.
'Cross site scripting is not allowed on eBay and we have a range of security features designed to detect and then remove listings containing malicious code,' eBay told Engadget. Even so, the BBC says it was able to identify 64 malicious listings from the last 15 days. All those auctions have been removed, of course, and eBay says it is actively seeking out and removing these kinds of listings. Still, better safe than sorry: if eBay is asking you to log in at an erroneous time, double check your address bar to make sure you haven't been mysteriously redirected.
Featured Stories
Belkin Crock-Pot Smart Slow Cooker review: Can WiFi make cooking easier? Libratone's got a new soundbar, and yes, it's covered in wool Misfit's new activity tracker is a cheaper, plastic version of its first We just played with Nintendo's New 3DS: Finally, an extra analog stick Amazon's new budget tablets include 6- and 7-inch sizes, as well as a kids edition Amazon gives its flagship Kindle Fire HDX 8.9 a modest spec boost Amazon's $200 Kindle Voyage is the Rolls-Royce of e-readers
Post a Comment for "Watch out: eBay vulnerability leads to phishing log"