agate18
|
posted on November 1, 2005 04:06:59 PM
I just had my ebay account hijacked. they even listed an auction in there for sale. so the first thing i done was to cancel my credit card. i then rang ebay and told them of the problem. they acted immediately.they also said that i did not have to cancel my credit card as the details are secured. i dont trust that.
I have to relist my items. but at no cost.
perhaps it is time for everyone to check all pass words etc.
|
agitprop
|
posted on November 1, 2005 04:55:42 PM
Use a strong pass phrase and your will not have any account hijacked unless you give it out to another party i.e. via a 'phishing' email or keylogger, etc...
Always use different pass phrases for different accounts, and change them at least every three months.
Secure your Operating System via the methods recommended by the National Security Agency:
NSA Security Configuration Guides
Home of the best eBay auction fee & PayPal calculators: http://auctionfeecalculator.com
|
ladyjewels2000
|
posted on November 1, 2005 05:08:40 PM
I had my account hijacked before and it's no fun. Make you feel violated. My hijacker started selling Laptops with a BIN. I changed every password on my computer. It was a lovely way to spend the day but I must say ebay was great.
|
sparkz
|
posted on November 1, 2005 06:46:49 PM
Agate18...So why didn't you set up a throwaway account and bid on the auction he listed? When you win, mail him a rubber check.
A $75.00 solid state device will always blow first to protect a 25 cent fuse ~ Murphy's Law
|
mikes4x4andtruckrepair
|
posted on November 1, 2005 07:01:10 PM
sparkz, now that's funny. I got a good chuckle out of that idea.
|
Shopchicly
|
posted on November 1, 2005 09:54:27 PM
Happened to me about six months ago. Started received mail saying the sender had bought
computer from me and paid and had not received the item. Threatened to turn me in to e-bay.
I've never sold any electronics/computers. I sent the mail to e-bay and they were great!
Sent me long explanation and instructions. It was a real pain changing all the passwords at the same time, but didn't have to do anything about credit cards, which have remained secure.
Received five threats from buyers, so the person was quite active with my account.
I never understood how it all worked, however, because when I pulled up the auctions my name was not given as the Seller, so the buyer should have been able to see I was not involved. Computers are still largely a mystery to me even tho I've been selling on e-bay for 5 years. No further problems, thank goodness!
|
agate18
|
posted on November 1, 2005 10:11:39 PM
In the 7 yrs i have been operating on ebay, i have never had this happen. the only people who know my pass word is myself and ebay. I never give it to anyone at all.
agitprop . can you give me an example of a strong pass phrase .
sparkz. i was so peeved that i simply did not think of doing that. i certainly would have had some fun.
Shopchicly In the last 4 months i too have had emails from people saying they have paid for something i dont even sell. very threatening. i just pass to [email protected] never hear from the retards again.
-----------------------------------
the real crunch was the email that ebay sent to my customers.
------------------
The following is a notice from eBay Trust & Safety regarding:
Item Number -
Item Title - KOROIT OPAL
Our records show that you placed a bid on this item. We removed this item
from the Site and cancelled your bid because it appears that the seller's
account has been compromised and used by an unauthorized third party. The
seller's privileges to trade on eBay may be temporarily suspended while we
investigate this matter further. Due to privacy concerns we will not be
able to share further details related to this seller.
If someone claiming to be the seller asks you to complete a transaction
outside of eBay, we strongly recommend that you ignore the request.
Transactions for items listed on eBay that are completed outside of the
eBay marketplace are not covered by the Buyer Protection services offered
by eBay and can be highly indicative of fraud.
If you have already paid, you may wish to pursue recuperating your funds.
Some steps you might take include:
1. Ask the seller for a refund
2. If you paid by check, ask your bank to stop payment
3. If you paid by credit card, contact your credit card company's security
department
4. If you have made a payment by money order or wire transfer, you may
contact that company for further information at 1-800-325-6000 (Western
Union), or at 1-800-926-9400 (Money Gram)
5. If you paid with PayPal, review the Buyer Complaint Process at:
/csg/p?www.paypal.com/cgi-bin/webscr?cmd=p/gen/protections-buyer-outside
There are many tips on how to protect yourself with any Internet
transaction in the eBay Security & Resolution Center located at:
www.ebay.com/securitycenter
Our goal is to ensure that your eBay xperience is safe so that you can buy
confidently. It is rare that something goes rong with a transaction on
eBay, but we're here to help you protect ourself in the event it does. If
you have additional questions, please send us an email using the "Contact
Us" link found on eBay Help pages. Do not respond to this email, as your
reply will not be received.
Regards,
Customer Support (Trust and Safety epartment)
eBay Corp.
_______________________________________________________________
They even sent the emails to customers regarding finished auctions. I had some very upset customers writing to me. I did manage to smooth them over. so in the end they were happy.
[ edited by agate18 on Nov 1, 2005 10:15 PM ]
|
pournslip
|
posted on November 2, 2005 04:10:42 PM
I recently had someone try to hijack my ebay acct. Apparently after they tried to log in so many times and failed. Ebay locked my acct. I had to contact them to get password reset. Changed all my passwords and secret questions, etc.
|
vintagepostcardsdotorg
|
posted on November 2, 2005 05:15:50 PM
agate,
an example of a weak password phrase is a six-letter password in all lower case without any numbers mixed in. bad example here, but the only one i can think of: agates is weak, it can be guessed and it's too short and it's an actual word in the english language.
a strong password is one that's at least 8 to 9 characters long, including some numbers and with some capitalization in it (case sensitive). just a quick example: Agatesells53714. it becomes much, much more difficult for someone to try to guess a password with capitalization and numbers in it.
(my password is over a dozen characters and has some capitalization - a mixture of upper and lower case letters - and a mixture of numbers in it and is not a real word.)
and i change it every so often.
http://stores.ebay.com/postcards-postcards?refid=store
http://www.vintagepostcards.org
[ edited by vintagepostcardsdotorg on Nov 2, 2005 05:16 PM ]
|
cashinyourcloset
|
posted on November 2, 2005 05:22:40 PM
To make it even stronger, do not capitalize the first letter, but one or more in the middle of the password. Also, it is a good idea not to include numbers at the end of the password, but rather in the middle.
Make it complicated enough, and you'll have to put a yellow sticky on your monitor to remind you, which everyone can then see 
|
neglus
|
posted on November 2, 2005 05:31:47 PM
ebay is not case sensitive so capitallization makes no difference. PayPal is case sensitive.
-------------------------------------
http://stores.ebay.com/Moody-Mommys-Marvelous-Postcards?refid=store
|
agate18
|
posted on November 2, 2005 10:29:25 PM
Thanks everyone for your suggestions. much appreciated. i have come up with a great pass word. wont be easily breached. your suggestions gave me some good ideas. I have my account back and changed everythin back to where it should be. it even changed my email address.
with help from ebay i managed to sort it. and have 2 email addresses of the turkey concerned. any one want a mobile phone.? that is what it tried to sell on my account. now all i have to do is to list all my auctions again. lucky i only had 57 up. oh here are the addresses.
[email protected]
[email protected] If by chance you know them, i would appreciate you letting me know. I can only hope.
|
neglus
|
posted on November 2, 2005 10:58:15 PM
Glad to hear that you are getting your site back! Does the suffix of the first address mean that your "friend" is in Romania?
-------------------------------------
http://stores.ebay.com/Moody-Mommys-Marvelous-Postcards?refid=store
|
agate18
|
posted on November 2, 2005 11:27:53 PM
Until we found the second email address, we thought they were in australia. a friend is in contact with them trying to get some more details, by way of buying a phone. they actually answered the email. the yahoo one.
then the second one was a romanian address. so we shall see. will let you know.
|
WashingtoneBayer
|
posted on November 3, 2005 05:27:23 AM
To make even a better password add some symbols to it @#$%&.
Ron
|
agate18
|
posted on November 3, 2005 05:44:42 AM
Never thought to use those symbols. the little meter near the new pass word that i put in came up almost 90% i will certainly keep them in mind for the next time i change it.
|
bjboswell
|
posted on November 3, 2005 07:08:29 AM
GOSH you guys are so smart... I am changing my password right now. I would never have thought of all those options.... I'm so grateful for this community!
|
sparkz
|
posted on November 3, 2005 12:19:26 PM
If you have a relative that lives in another town or state, use the call sign and frequency of their local police or fire department such as KPA252_453.475.00mhz. If you ever forget it, you can retrieve it. DON'T use the info from your local PD or fire dept.
A $75.00 solid state device will always blow first to protect a 25 cent fuse ~ Murphy's Law
|
pelorus
|
posted on November 3, 2005 02:31:57 PM
sparkz -- You must be smarter than me. It would take me about 10 min. to type "KPA252_453.475.00mhz" successfully.
|
sparkz
|
posted on November 3, 2005 02:47:47 PM
Yeah...But just think how long it would take a Romanian or Nigerian to figure it out and type it
A $75.00 solid state device will always blow first to protect a 25 cent fuse ~ Murphy's Law
|
