Showing posts with label paypal. Show all posts

Friday, April 18, 2008

Vladuz busted, according to eBay

Vladuz, the mysterious hacker who seemed to take great pleasure in hacking eBay, has been arrested, according to eBay.

Ina Steiner reports on the AuctionBytes blog:

A cyber-criminal who embarrassed eBay for nearly a year with claims he had hacked the site was arrested on Thursday, according to eBay. "Vladuz" had harassed eBay with his taunting from December 2006 through October 2007, when he accessed eBay servers and gained limited access to a very small number of eBay accounts on the eBay.com site. (eBay said at the time that at no point did the fraudster get any access to financial information or other sensitive information.)

Thus far only eBay is confirming the arrest:

eBay spokesperson Nichola Sharpe said local Romanian law enforcement officials would have to confirm details, as they considered the case confidential until a conviction was made. Asked why eBay had issued a press release, Sharpe said eBay wanted to thank all of the law enforcement agencies involved who collaborated in the case. She also said that the community was aware of Vladuz, and said, "This is obviously great news."

eBay states that Vladuz never accessed any financial information, but I’m not certain that was his intention in the first place.

There are some who believe his intention was to point out the massive amount of fraud occurring on auction sites and to show weaknesses that could be exploited in eBay’s system.

After all, unless he is mentally disturbed, why would he make his effort so public otherwise? Most criminals prefer to remain anonymous when they are committing financial crimes. They make a lot more money that way.

Here is a previous post I did on the mysterious Vladuz:

Did Vladuz hack eBay, or is stockpiled stolen information being used to make it look like he did?

Friday, April 11, 2008

eBay/Craigslist praised by Congressman for efforts to curb sales of stolen military equipment on their sites (?)

I've written a few things about scams and fencing stolen merchandise on auction sites. Recently, the GAO discovered that items stolen from the military are for sale on eBay and Craigslist.

Even more interesting were the results of narrowly focused hearings (my opinion) on this matter in Washington, which can be seen at the bottom of this post. The reason I believe they were "narrowly focused" is because there is no shortage of fraud, phishing and financial misdeeds on auction sites.

Of course, there is also no shortage of ordinary citizens and businesses that have been taken to the cleaners on an auction site. Stolen government items are only a small part of the overall problem.

From the GAO report:

GAO found numerous defense-related items for sale to the highest bidder on eBay and Craigslist. A review of policies and procedures for these Web sites determined that there are few safeguards to prevent the sale of sensitive and stolen defense-related items using the sites. During the period of investigation, GAO undercover investigators purchased a dozen sensitive items on eBay and Craigslist to demonstrate how easy it was to obtain them. Many of these items were stolen from the U.S. military. According to the Department of Defense (DOD), it considers the sensitive items GAO purchased to be on the U.S. Munitions List, meaning that there are restrictions on their overseas sales. However, if investigators had been members of the general public, there is a risk that they could have illegally resold these items to an international broker or transferred them overseas.

Apparently, body armor, MRE (meals ready to eat), uniforms, night vision goggles, NBC (Nuclear Biological Chemical) equipment and even F-14 components were some of the items purchased on eBay and Craigslist by undercover investigators.

The obvious concern would be terrorists, or other not very friendly people getting their hands on some of this stuff.

Given the organized effort on a lot of auction sites to fence stolen merchandise via some pretty sophisticated methods, it's not surprising that the GAO found military equipment for sale on the sites. Many have speculated that these sites are used as a means of fencing the proceeds of what is known as organized retail crime. Of course, less organized criminals obviously sell their goods on auction sites, also.

Organized retail crime obtains their goods by a variety of methods from common theft to using stolen financial instruments. A lot of stolen financial instruments are used to purchase items on auction sites and e-commerce sites. Of course, they are used in more traditional store settings for the same purpose, also.

On eBay, account credentials and payment accounts (PayPal) are phished all the time, adding an additional layer of anonymity to the schemes. In fact, over the years, many experts have stated that eBay and PayPal are the two most phished brands out there.

One thing not mentioned in the report is that people don't always get what was advertised on these sites. It isn't inconceivable that a complete fighter jet might be put up for sale, paid for and in the end a toy, or "nothing at all" is received by the buyer.

Trust me, this wouldn't be the first time something like this has happened on an auction site.

A lot of counterfeit (knock-off) merchandise is sold on the sites, advertised as the "real thing," also.

Our leaders in Congress reacted by calling Jim Buckmaster (Craigslist) and Tod Cohen (eBay) in to speak with them on the matter.

Anne Broache (CNet) writes:

By calling Craigslist CEO Jim Buckmaster and eBay government relations chief Tod Cohen to Washington for the hearing, the subcommittee seemed to be preparing to place those executives in the hot seat. But the tone of that questioning was actually quite cordial. At the end of the panel, Tierney even praised the companies for "trying very hard" to keep sensitive military goods off their sites and acknowledged the rules of the road aren't the most clear.

Based on her article, which reports that Buckmaster and Cohen were treated with "kid gloves" during the session, my prediction is that little is going to be done to regulate the sale of stolen goods on auction sites as a result of this.

Meanwhile, everyone running for office is saying they will be the one doing something about the problem of special interests in Washington.

On a closing note, I want to commend the GAO for their efforts to expose a problem. I'm just saying it's a shame that no one listened to what they were saying, very carefully.

HTML version of the GAO report, here.

PDF version, here.

Sunday, February 24, 2008

On eBay, the buyer better beware!

Despite a lot of publicity that eBay is going after fraud, the bottom line is that the buyer better BEWARE when they purchase something on eBay, or for that matter, any digital auction site.

This morning, I read a story from Wales, where a person just got caught selling laptops that didn't exist.

From the Evening Leader:

Christopher Malcolm Amos, from Green Lane, Shotton, admitted swindling customers of the online auction site out of thousands of pounds to fuel his gambling addiction.

Under the user name 'Whitefruit,' the 22-year-old accepted payments from 130 bidders wanting to buy laptop computers.

Some used eBay's PayPal facility, while others transferred the cash directly into Amos's bank account, but nobody ever received their orders.

Please note that at least some of the fraud victims used eBay's preferred method of payment, PayPal.

And Mr. Whitefruit, who I gather is a gambling addict, didn't get into very much trouble for swindling about 100 people. He was ordered to pay some restitution and got a 12 month suspended sentence.

I'm sure eBay fraudsters around the world are quivering in their boots!

I ran into another story in the ChronicleHerald (Halifax, Canada) describing a significantly larger operation involving selling neat "tech toys" that never existed:

Police said Wednesday several complaints about alleged electronic commerce crimes have come in during the past week to 10 days. Customers are from such countries as Australia, Sweden, Norway, the United States, Italy and Estonia. Const. Jeff Carr, a spokesman with Halifax Regional Police, said Canadian EBay users have allegedly been victimized as well, but there are no complaints from the Maritimes.

The person behind this, who hasn't been caught yet, was selling laptops that didn't exist.

The story also indicates that PayPal was used on some of these transactions:

He said one complaint, from PayPal of San Jose, Calif., includes more than 100 alleged victims. PayPal, which was acquired by EBay in 2002, is an online money-sending service that provides users worldwide an opportunity to buy and sell goods without sharing personal financial information.

Even when you get the merchandise you paid for on an auction site, you are taking the chance that it is a cheap "knock off," or might be some of the stolen merchandise being fenced on some of these digital marketplaces.

Knock-off merchandise can be dangerous when it doesn't work as well as the item it is passing itself off as. Buying stolen merchandise poses certain moral issues, also.

When buying something on an auction site, it is up to the buyer to make sure (beware) they are getting what they paid for. This can include using some good old "horse sense," and being able to realize when the deal you seem to be getting is a "little too good to be true."

Previous posts I've written about fraud on eBay can be seen here.

Evening Leader story, here.

I've also written about a company called buySAFE, who certifies sellers and guarantees what they sell. The seller pays for this -- and while I suppose the cost is included in their cost of goods sold -- this might be a good way to avoid fraud without having to do a lot of homework.

buySAFE's CEO, Steve Swoda, writes a blog, which I read from time to time. It can be seen by clicking here.

Sunday, November 11, 2007

Botnet owner faces 60 years in prison and a $1.75 million fine

Until recently, botnet owners seemed to be able to trash people's systems without having to face very many consequences. And in a lot of instances, more than a system gets trashed when it is compromised by a botnet owner.

Friday, the Central California U.S. Attorney's office announced the prosecution of one of these botnet owners. Of interest, the botnet owner, John Schiefer, admitted to compromising up to 250,000 computers with malware (malicious software).

In the first prosecution of its kind in the nation, a well-known member of the “botnet underground” was charged today with using “botnets” – armies of compromised computers – to steal the identities of victims across the country by extracting information from their personal computers and wiretapping their communications.

The criminal information and plea agreement filed this morning in United States District Court in Los Angeles outline a series of schemes in which Schiefer and several associates developed malicious computer code and distributed that code to vulnerable computers. Schiefer and the others used the illicitly installed code to assemble armies of up to 250,000 infected computers, which they used to engage in a variety of identity theft schemes. Schiefer also used the compromised computers to defraud a Dutch advertising company.

According to the press release, Schiefer and crew seemed to prefer harvesting eBay and PayPal information:

In his plea agreement, Schiefer acknowledged installing malicious computer code, or “malware,” that acted as a wiretap on compromised computers. Because the users of those compromised computers were unaware that their computers had been turned into “zombies,” they continued to use their computers to engage in commercial activities. Schiefer used the malware, which he called a “spybot,” to intercept electronic communications being sent over the Internet from those zombie computers to www.paypal.com and other websites. Once in possession of those intercepted communications, Schiefer and the others sifted through the data to mine usernames and passwords. With Paypal usernames and passwords, Schiefer and the others accessed bank accounts to make purchases without the consent of the true owners. Schiefer also acknowledged in the plea agreement that he transferred both the wiretapped communications and the stolen Paypal information to others. It is the first time in the nation that someone has been charged under the federal wiretap statute for conduct related to botnets.

It appears that the FBI's Cyber Division might have had something to do with catching Mr. Schiefer and crew.

In June, they announced a nationwide initiative against botnet owners called Operation Bot Roast.

Mr. Schiefer isn't mentioned in the release about Operation Bot Roast, but it appears that the FBI is starting to take this activity seriously and is making it more dangerous for botnet owners to operate.

When Schiefer pleads guilty to all of this on November 28th, he will face a statutory maximum sentence of 60 years in federal prison and a fine of $1.75 million.

Full press release from the United States Attorney's Office Central District of California, here.

If you have been a victim of a botnet owner who turned your computer into a zombie, you can assist the FBI by reporting the matter at the Internet Crime Complaint Center.

They also have some information on how to avoid having your computer turned into a zombie, here.

Monday, October 08, 2007

The continuing saga of Vladuz and Phishing on eBay

Here is an update to the ongoing saga of Vladuz versus eBay. Apparently, Vladuz, or someone claiming to be him, accessed eBay's servers and suspended some eBay accounts.

Ina Steiner reports on the AuctionBytes blog:

eBay confirmed that a known fraudster had limited access to a very small number of eBay accounts on the eBay.com site and the company appeared to have reacted quickly to block him on Friday. eBay spokesperson Nichola Sharpe said, "At no point did the fraudster get any access to financial information or other sensitive information." In a strange twist, some users reporting the incident said they had been openly critical of a hacker calling himself Vladuz and had been suspended briefly during the incident.

Isn't it strange that some of the people suspended were openly critical of Vladuz?

Notably, this is the first time eBay has admitted Vladuz accessed their servers.

In another development, eBay, PayPal and Yahoo are joining forces to combat phishing. Phishing is a phenomenon that has caused a lot of eBay and PayPal account holders a lot of grief. Experts maintain that eBay and PayPal are the two most phished brands out there.

Phishing is where an account holder is duped into giving up their access information via social engineering (trickery).

The intent of the phishermen who target eBay/PayPal accounts is normally to take the account over and commit even more fraud.

This activity gets more sophisticated all the time with crimeware (malware) being used (which steals the information automatically), and DIY (do-it-yourself) phishing and hacking kits being marketed in underground Internet forums.

Reuters, courtesy of the Washington Post, is reporting:

EBay and PayPal have upgraded their computer systems to support an emerging technology standard known as DomainKeys invented by Yahoo that authenticates e-mail senders are who they say they are, allowing Yahoo to block fake e-mails.

The technology upgrade will be made available to Yahoo Mail users worldwide over the next several weeks, the company said.

If you are interested in how bad the phishing phenomenon is getting, the National Consumers League has a very well written and informative paper on the subject, here.

They also have an interesting document, which, although a little dated, shows the increase in auction fraud and calls out that eBay severed their ties with them.

It should be noted that auction fraud doesn't only occur on eBay. It can and does happen on all the auction sites. The reason we hear more about it on eBay is because they are used by more people than the other sites.

For the scammers that means there are more potential victims to harvest there.

NCL article on auction fraud, here.

AuctionBytes blog post on this, here.

Reuters story on eBay/PayPal's efforts to combat phishing, here.

Here is my most recent post about Vladuz allegedly raising his head again:

Did Vladuz hack eBay, or is stockpiled stolen information being used to make it look like he did?

Thursday, September 27, 2007

eBay responds to the alleged Vladuz hacking incident

eBay is responding to the latest (alleged) attack on their site by Vladuz by confirming that the account information was valid; however, the credit card numbers were not.

Here is what the Chatter (eBay's blog team) has to say regarding their investigation:

I've been in touch with our operations and security teams, and I have more information I can share with you about yesterday's incident on the Trust & Safety discussion forum. In brief, very early yesterday morning, a fraudster posted contact information and alleged credit card numbers for about 1,200 members on our Trust & Safety discussion forum on eBay.com.

While the issue was very unfortunate, it was clearly falsified to cause public concern. Early on eBay's teams verified that the credit card "data" did not match anything on file for these members on eBay or PayPal. After more investigation, including phone conversations with many of the members, it appears that these numbers were not valid at all.

Each of these accounts was the victim of an Account Take Over, most likely through a successful phishing campaign. eBay has been in contact by phone with many of these members, and there is a My Messages email going out to impacted accounts to further our reach.

1200 successful account-takeovers is a fairly large asset for a criminal to part with, even if the credit card numbers were no good. In the hands of the wrong people, 1200 eBay and PayPal accounts can be used to commit a lot of crime.

Here is a description of how account-takeovers are sometimes used from my original post on this latest incident:

Account-takeovers enable criminals to scam others, using someone else's information. They can also be used to fence (sell) stolen merchandise with a high degree of anonymity. It should also be noted that stolen payment (credit/debit) card details are often used to purchase the merchandise, which is then fenced.

To cover their tracks, the scammers often dupe people into laundering the proceeds of these sales in work-at-home (job) scams and wiring the money, normally across a border.


Although eBay is stating that the credit card numbers in this case were no good, they are for sale, along with account-takeover information on the Internet. Because this information is sold over the Internet, the criminals are able to buy and sell this information (globally) without ever actually meeting each other in person.

As I stated in my earlier post, phishing is also a method by which a lot of personal and financial information is stolen.

Thus far, all anyone can do is speculate as to how the accounts were compromised. It will be interesting to see if anyone gets to the bottom of what actually occurred.

The Anti-Phishing Working Group tracks phishing activity and many experts claim that eBay and PayPal are the most frequently phished brands. They also have some excellent information on how to avoid being a victim and what to do if you think you've become one.

Auction fraud doesn't only occur on eBay and can happen on any of the auction sites out there. The criminals behind this activity tend to go after what is the most popular, which probably has more to do with why they target eBay than anything else.

If you get phishy e-mails that ask you to provide your eBay or PayPal account numbers, the Chatter recommends you report them to spoof@ebay.com or spoof@paypal.com. They also recommend going to their Security & Resolution Center if you encounter a problem.

Another place to report phishy e-mails is CastleCops' PIRT (Phishing Incident Reporting and Termination) Squad. Please note you can also report this activity on the Anti-Phishing Working Group's site.

Reporting a phishing attempt might prevent someone else from becoming a victim. Sadly enough, if you have an e-mail address, you probably see phishing attempts on a daily basis.

Post from the Chatter, here.

Tuesday, October 17, 2006

Feedback Farms and the Need for Third Party Verification Sources eBay

Steve Swoda wrote an interesting commentary about Feedback Farms on eBay.

In his own words:

Last week, Ina Steiner documented the basic story of 'Feedback Farms' on eBay.

I have to be honest, these scams continue to amaze me, and one has to conclude that these scams are damaging and undermining the entire feedback/merchant rating system. If fraudsters can so easily create feedback/merchant ratings in the thousands, then buyers will have to increase their vigilance online. From a buyer's point of view, it continues to be more and more difficult to truly discern good from bad.

Link, here.

Steve makes a good argument that a "third party verification" process is becoming necessary for prudent consumers in the e-commerce world.

His company (buySAFE) provides this type of service, and it is free to the consumer who chooses to shop where their "seal of approval" has been given.

Saturday, October 07, 2006

Auction Fraud and the Romanian Connection


(Interesting picture courtesy of Yahoo Group, eBay_scamkillers)

A lot of Internet crime seems to either come from Romania, or is tied into nationals from that country. Yesterday, I was reading about an arrest in the Los Angeles area, where two Romanians were indicted for auction fraud involving wire transfers and identity theft.

Courtesy of U.S. Newswire:

The indictment alleges that Manolache, Salageanu and others were involved in an Internet scam that defrauded victims across the United States by holding bogus auctions on eBay, Yahoo! Auctions and Autotrader.com. The conspirators posted items for sale that were never intended to be sold, then collected money from the "successful" bidders. The victims were instructed by the online sellers to send their payment by Western Union to circumvent online payment systems. Manolache and Salageanu then went to Western Union locations in the Los Angeles area and, using false identification, collected the victims' money. None of the victims received the items they had purchased.

As part of the scheme, the online sellers often masqueraded as Hurricane Katrina relief organizations.

Newswire story, here.

It seems that a lot of the intelligence used to go after Manolache and Salageanu was compiled by the Internet Crime Complaint Center (IC3). They have a page dedicated to this (Romanian) activity, which says:

Auction fraud is the most prevalent of Internet crimes associated with Romania. The subjects have saturated the Internet auctions and offer almost every in-demand product. The subjects have also become more flexible, allowing victims to send half the funds now, and the other half when the item arrives.

Internet Crime Complaint Center page, here.

And there are private individuals who are fed up with auction fraud originating from Romania. The Yahoo group eBay_scamkillers is one such group, made up of volunteers who actively fight the Romanian scammers.

Here is what they say about their group:

Too many people are being rejected because they fail to properly identify themselves. If we even THINK you are a Romanian, you will be rejected. Take a moment to send a note to the group owner.

We share resources, baiting techniques and, of course... war stories! It's OK to lurk here, but why not join and help us SCAM THE SCAMMERS?

If you are a whiner, please do not join this group. There are plenty of eBay anti-scam forums where people can go to cry on each others' shoulders about their misfortunes.

WE ARE PRO-ACTIVE and WE ATTACK THE SCAMMERS ON MANY FRONTS. We use every available resource to fight back and we are VERY successful.

Link, here.

At first look, the site appears to be fairly inactive, but if you are accepted (after their screening process), they contact you.

Auction fraud is one of the biggest issues in the world of Internet crime. On an interesting side note, this recent indictment also highlights that not all auction fraud occurs on eBay. A lot of the complaints on these two Romanian nationals were from Autotrader.com and Yahoo! Auctions.

There has been a lot in the news lately about flocks of eBay users seeking "greener pastures." It will be interesting to see if "auction fraud" follows them.

Sunday, July 02, 2006

buySAFE Protects its Customers from Fraud on eBay

Fraud on eBay has become a growing concern, and because eBay's internal programs have not satisfied their customers, a new "service" has come into vogue. I recently spoke to Rob Caskey (Senior Director of Marketing, BuySAFE) about how they protect purchases on eBay. BuySAFE is a service that certifies and guarantees purchases on the auction giant. Rob provided me with a lot of information, including press releases and independent articles, which show how their program works.

A recent press release from BuySAFE said:

(www.buysafe.com), the leading online trust and safety company for e-commerce transactions, today launched the first service that enables Retail Websites to display a meaningful trust signal (the buySAFE Seal) backed with a broad guarantee. Merchants who qualify to use the buySAFE Seal have passed the buySAFE Business Inspection, which ensures the merchant is trustworthy, reliable and committed to delivering on the terms of the sale. These retailers can then display the buySAFE Seal on item listings, which tells consumers the transaction is guaranteed with a surety bond of up to $25,000. Additionally, all buySAFE Bonded Sellers agree to allow buySAFE to continuously monitor their performance. This ensures a virtually risk-free shopping experience.

For the full press release link, here.

In a follow-up press release, buySAFE did an impact study:

The study analyzed 1.6 million item listings from 188 Internet retailers.
  • the visitor-to-buyer conversion rate of Bonded Items was 2.1 percent higher than that of non-Bonded items
  • Bonded Items received 4.7 percent higher prices than non-Bonded items
  • Overall, using buySAFE increased revenues by 6.8 percent
  • buySAFE impacted both high and low-end product sales. For example, in the high-end jewelry category, Bonded Items saw the average sales price increase 40 percent. In the lower-end camera and photography accessory category, Bonded Items saw an increase in the average sales price of nine percent.

This study would indicate to me that the greatest increase in sales corresponds with the types of merchandise that are considered "desirable" to criminals, or items that are easily sold, elsewhere.

These are some pretty impressive statistics, and when I spoke with Rob Caskey, I asked him for proof that buySAFE actually made good on their claims. The reason I did this is that eBay claims to provide protection, and I've read a lot of "horror" stories of how frustrating it can be to file a claim.

Rob (Caskey) directed me to a recent story in BusinessWeek.com by Rob Hoff. In his own words, he said:

That said, I'm pretty satisfied now, because I just got a check from buySAFE, the company that offers bonding to online merchants--including Glacier Bay. Essentially, it's a reimbursement for what I paid. Although eBay's feedback system has worked amazingly well, at least for me, clearly it didn't work in this particular case, and I'm sure others like it. I had never paid much attention to that buySAFE seal, but you can bet I will on future auctions.

AuctionBytes (Ina Steiner) also did a story on this.

I've written about the individual (human) frustration of victims on eBay and often commented that they needed to get their act together. Now market forces are beginning to fill the "niche" that they have failed to provide.

Here are some previous posts I've written about fraud on eBay:

California Issues Alert on Emerging eBay Fraud Trend

Package Deals to Commit eBay Fraud

BBB Worker Takes Job Processing Fraudulent eBay Transactions

Diary of an Identity Theft Victim

How Much Fraud Can e-Bay's Customers Endure

Thursday, April 20, 2006

Package Deals to Commit eBay Fraud

Gone are the days when committing fraud took knowledge or technical expertise. Personal, financial and "how to scam" kits are all easily purchased in IRC (Internet Relay Chat) chatrooms.

AuctionBytes (Ina Steiner) is reporting:

"According to an "eBay scam kit" obtained by AuctionBytes, women are easy marks on eBay. The kit, marketed as "eBay: Women Dough v1.8," contained everything a scammer needs to set up auctions on eBay to sell items they don't own and don't intend to fulfill to "customers."

"The eBay Women Dough scam kit contained three prepackaged high-end auctions targeting U.S. female buyers. The kit included descriptions and photos to include in the eBay auctions with detailed advice on how to list, handle customer service and accept payments."

These kits even contain detailed instructions on how to bypass eBay controls and dupe the potential victim into using unprotected wire transfer services, such as Western Union and MoneyGram.

Full story, here.

Please note that the AuctionBytes article also quoted a Washington Post article on IRC chatrooms written by Brian Krebs. This article covers the full spectrum of information that is bought and sold in these chatrooms and paints a pretty realistic picture of the activity.

Here is something I thought was interesting from the article:

"Marcus Sachs, a former cyber-security adviser to the White House who now directs the Bethesda, Md.-based SANS Internet Storm Center, said that if the information posted by the IRC channel operators is legitimate, then they are likely working with people on the inside at the major credit card issuers. But Sachs said he suspects that by "verifying" credit card information posted by other chat room members, those running the IRC channels are more interested in scamming the phishers."

Full story, here.

I guess we now know where all the stolen information from the record amount of data breaches is going. It's being sold on the Internet.

Here is a previous post I wrote on that subject (data breaches):

Information Breaches, the Human Factor

Saturday, April 15, 2006

25 Ways to Avoid Auction Fraud From a Seller's Perspective

Auction sites grow more popular all the time. Because of their popularity, they seem to attract all kinds of undesirable individuals who are intent on making a profit at others' expense.

Here is a story I found on DailyIndia.com that was originally written by a "seller" himself (J. Foley of JJBargainDeals.com). After reading his 25 tips, I realized this was valuable information on how to avoid fraud for anyone considering doing business on auction sites.

Here are his 25 tips:

1. Stock photos and descriptions, Because they don't have the item they are "selling", some fraudsters use a stock photograph of the item. And they will probably use the manufacturer's product description too. So, stock photos and no original description might be a sign. Search for other auctions by the same seller, and see if they are brazen enough to advertise the same item more than once.

2. A price too good to be true often isn't true, A fraudster wants your money quickly, so you may find they offer to close their auction early with you as the "winner" having bid a price which you know to be somewhat of a bargain. Why would anyone close their auction early if the price hadn't reached market levels? I'll give you one guess.

3. High value or high volume, newly registered sellers, Although the vast majority of new sellers are genuine and honest, be cautious of buying from people selling high value items in bulk, very early on in their eBay career. This pattern isn't quite normal. Think back to your own first sales. You would have been tentative, and probably have tried single, low value items initially. So, a new seller fitting this profile may be someone who has perhaps been previously suspended and has registered another ID.

4. 1 day listings, Although 1 day listings are used by genuine sellers who have more than one item or who want a quick sale, unfortunately this duration is attractive to fraudsters too. They sometimes use a 1 day auction duration to gain a quick sale before their actions can be reported and acted upon. So, be extra wary on auctions with a 1 day listing.

5. Invitations to trade off-eBay, This is a classic ploy of fraudsters. Having made some kind of contact with you, or you with them, they will invite you to purchase or to sell off eBay i.e. without using eBay's auction services. The attraction here to the fraudster is that they can drive the transaction along the lines they prefer, whether that be escrow, PayPal etc. Another reason why trading off eBay is not a good idea is that you have to keep your own formal records of the transaction, and you forfeit any cover from eBay buyer protection and PayPal buyer protection. Plus, and this might be a minor point, but you will not be able to leave feedback to let others know your experience with this seller/buyer.

6. Payment methods with no recourse, Fraudsters prefer to choose payment methods in which the buyer has no protection, like wire transfers where the buyer has no way of tracing where the money is going. Western Union Money Transfers and BidPay are favourites and should be totally avoided. Postal orders are similar although they are a popular payment method among the genuine sellers as they require no clearance time. Bank transfers and cheques can only provide the possibility of your bank investigating the details of the account the money was transferred into. For the best protection use PayPal and fund with a Credit Card. Note there are limits on eBay and PayPal protection, and you should make yourself aware of what these are.

7. Unusual sales pattern, If your seller's feedback indicates that they normally deal in collectables, DVDs or other specific items, be suspicious that they are suddenly listing laptops, plasma TVs or other high value items. The change may indicate that this seller's account has been hijacked.

8. Bad English gives you a pointer, Some fraudsters operate from abroad but pretend to be in UK or USA. As they aren't particularly adept at the English language they might use a translation tool like Babelfish to create their emails to you. So, watch out for emails that are not good English. In itself, it doesn't prove anything, there are plenty of genuine eBay sellers for whom English is not their first language. But it might add to further evidence you have.

9. Location Location Location, In the case of lazy fraudsters you might find their locations don't match up. By that I mean the auction says the goods are in the UK, but the seller's ID details show their location to be, say, Ukraine. This is not a good sign. Often in these cases if you contact these sellers you will receive an excuse as to why the item is not in the UK, and therefore can't be collected in person. In short, if an auction says the item is in the UK and the seller says that it is not, I would avoid the auction. And don't forget to cross check with their PayPal account, and see in which country this resides.

10. Ask questions, Always, always ask your seller a question. Any question. Their response, if you receive one, will help you judge how genuine the seller is. Beware auctions that carry a message asking you to contact the seller via a given email address as opposed to via the 'Ask seller a question' link. This could be an account hijacker trying to prevent buyers from 'Asking the seller a question'. They want to stop this from happening because such questions could be routed to the real account owner.

11. "eBay can vouch for me" email, A warning about a relatively new tactic used by fraudsters. If you are proving hard to land as a buyer/seller, they may claim they can get eBay to email you proof of their validity so that you can trust them. eBay, of course, will NEVER do this. The email sent out, however authentic looking, is fake and is designed to get you to part with your money or your goods. This applies equally to Square Trade and PayPal. They will never email you certifying the genuineness of anyone.

12. A PayPal warning, There are fraudsters who use stolen PayPal accounts to accept payments. To lower the possibility of this, check your seller's location as shown in eBay, and then see if it is one of PayPal's permitted countries by clicking here: http://www.workwinners.com/nlr701.htm. If PayPal don't offer their service in the country that the seller resides, be very wary.

13. Passwords, Never have the same password on your eBay and PayPal accounts. Or indeed on any other financial or personal site. Change your passwords every 30-60 days on both eBay and PayPal.

14. Pointers in feedback, Try to read the positive feedback as well as the negative. Read the way your seller responds to negative feedback as this will often give you an idea of how the seller will react if something goes badly wrong. If the seller is offering high value goods, be wary if their feedback has been built up quickly from low value purchases. Also, if the overall rating is good, but there are a disproportionate number of negatives in recent days/weeks, this might indicate the account has been taken over. Finally, be aware that feedback is not the guarantee it once was. Feedback can easily be manufactured. Also, if the user ID has been hijacked, you'll be reading the feedback of the original account owner, not the person with whom you're currently dealing!

15. Credit Card payment, For high value items, or for amounts of money you can't afford to lose, make sure you pay by credit card which has online fraud protection. This will give you some recourse if the seller is fraudulent. In this context, paying via PayPal is not the same. PayPal does have a buyer protection scheme, but there are criteria which the eBay auction has to satisfy in order to qualify. Even if the transaction qualifies, PayPal's standard protection currently has a maximum value of $1,000. Note that payment by debit card provides zero protection.

16. Address and Telephone check, Use the Ask the seller a question link, and request they email you with their address and telephone number. Any reputable seller will give you their address and telephone number. When you get the number, call it, and see if you get through to the genuine seller.

17. Keystroke capturing virus, This is a computer virus which you inadvertently download onto your PC. Its task is to capture the keystrokes you make, and to send them to the virus placer. The fraudster then uses pattern recognition software to identify and extract personal information, like username, password, credit card numbers etc. To avoid this happening to you, it is wise to have good, up-to-date virus, firewall and spyware checking software on your PC.

18. Shill bidding, Shill bidding is where people work in cahoots to inflate the bidding on an item. A seller has a "partner" who makes bids on the seller's items with a view to bumping up the bid price. They have no intention of buying the item. Fortunately, shill bidders and their associated seller can be stupid. The shill bidder will usually make bids on other items from the same seller. Here's how to check to see if shill bidding is a feature of a particular seller. First, look at the seller's closed auctions over the last 30 days. If most of the closed auctions have no bids, it is unlikely the seller has shill bidders working with them. If all of the closed auctions have bids, take a look at the bid history. See if the same bidder appears in the list of bidders, usually with aggressive bidding and normally at the start of the auction. If so, you may have uncovered a shill operation, so avoid that seller's auctions.

19. Keep your transaction information, Keep your own record of the transaction when you're buying. Don't just rely on eBay. You want a record of the seller's identification, the item description, emails sent and received, plus the time, date and price of your bid.

20. "I noticed your bid...." , Never deal with anyone who contacts you after seeing your bid on another auction. They will say something like, "I saw you bidding on that digital camera. I have the same model available for sale. I don't have time to list it on eBay. It has more accessories than the one you lost out on. You can have it for xyz." If you bite, they'll probably take you down the fake escrow route. Also, if you entertain this proposition, you're operating outside of eBay and therefore have no auction protection whatsoever.

21. Changed eBay ID, Never deal with anyone who has a changed ID icon next to their name. This icon means they've changed their ID in the last 30 days. Few legitimate people change their eBay ID. When was the last time you changed yours? There's a 1% chance that an ID change is genuine, but 99% that it is fraudulent. Why take the risk?

22. Changed email address mid-stream, If a seller or buyer changes their email address on you in the middle of a transaction, stop dealing with them. It is likely their previous email account was closed down due to some irregularity - such as a previous victim reported them. If you think about it, why would any genuine buyer or seller change their email address whilst corresponding on a transaction they wish to conclude expeditiously?

23. Complications, Never get involved in any transaction where the seller/buyer tries to introduce a third person into the financial arrangements. They might ask you to pay xyz, who will then pay the seller, and you will receive a discount or commission for your co-operation. Such proposals are always fraudulent. They prey on greed. Don't be tempted.

24. Time is of the essence, This is a scam which has more potential for success than traditional phishing attacks, as it is time sensitive. The fraudster searches for high value auctions that have just ended. The bid history for an auction contains hyperlinks to each bidder. The fraudster checks to see if the winning bidder is selling any items of their own. If so, they go to that auction and embed a request for payment from the first auction within a question for seller. This works because winning bidders are expecting a request for payment shortly after an auction ends. A variation of this is to offer a bidder a "second chance". This time the "Ask the seller a question" email pretends that the real winner has backed out, and offers the item at a lower price. The buyer, believing the story, is lured into paying to whom they believe is a genuine seller. Many eBayers have heard of the second chance system, but have no experience of it. This unfamiliarity coupled with the fact that a few weeks might have passed, makes this an effective method for fraudsters. The moral of this story is never get involved in any transaction which arrives in your inbox via the Ask the Seller a Question feature.

25. eBay IDs, Never use your email address as your eBay ID, or part of your eBay ID. Fraudsters have software which monitors internet traffic looking for information such as this. If your eBay ID and email address are the same, it is simple for a fraudster to plausibly communicate with other eBay members in your name.
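The check described in tip 18 can be run over a seller's closed-auction bid histories. The following is an added example, not code from Mr. Foley's article or this blog; the record layout, the sample data, the thresholds and the "never wins" test are all assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample: one hypothetical seller's closed auctions (last 30 days).
# Each bid is (bidder_id, minutes_after_listing_start); duration is in minutes.
CLOSED_AUCTIONS = [
    {"id": "A1", "duration": 10080, "winner": "buyer_ann",
     "bids": [("pal_77", 30), ("pal_77", 95), ("buyer_bob", 9000), ("buyer_ann", 10070)]},
    {"id": "A2", "duration": 10080, "winner": "buyer_cat",
     "bids": [("pal_77", 12), ("pal_77", 200), ("buyer_cat", 8000), ("buyer_cat", 10000)]},
    {"id": "A3", "duration": 4320, "winner": "buyer_bob",
     "bids": [("pal_77", 45), ("buyer_bob", 4000)]},
    {"id": "A4", "duration": 10080, "winner": "buyer_dan",
     "bids": [("buyer_dan", 500), ("pal_77", 600), ("buyer_dan", 9900)]},
]

def shill_suspects(auctions, min_share=0.75, early_fraction=0.25, min_auctions=3):
    """Return {bidder: share of the seller's bid-on auctions} for bidders who
    recur across the seller's auctions, bid early, and never win (tip 18)."""
    with_bids = [a for a in auctions if a["bids"]]
    # Tip 18: if most closed auctions drew no bids, shill bidding is unlikely.
    # Too few auctions with bids also gives nothing to compare (assumed floor).
    if len(with_bids) < min_auctions or len(with_bids) <= len(auctions) / 2:
        return {}
    seen_in = defaultdict(set)    # bidder -> auctions they bid in
    early_in = defaultdict(set)   # bidder -> auctions where they bid near the start
    wins = defaultdict(int)       # bidder -> auctions won
    for a in with_bids:
        cutoff = a["duration"] * early_fraction
        wins[a["winner"]] += 1
        for bidder, minute in a["bids"]:
            seen_in[bidder].add(a["id"])
            if minute <= cutoff:
                early_in[bidder].add(a["id"])
    suspects = {}
    for bidder, ids in seen_in.items():
        share = len(ids) / len(with_bids)
        mostly_early = len(early_in[bidder]) >= len(ids) / 2
        # "No intention of buying" is approximated here as zero wins.
        if share >= min_share and mostly_early and wins[bidder] == 0:
            suspects[bidder] = round(share, 2)
    return suspects

if __name__ == "__main__":
    print(shill_suspects(CLOSED_AUCTIONS))
```

A repeat customer who bids late or occasionally wins is not flagged; a hit is a reason to look closer at the bid history, not proof of shill bidding.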

Perhaps an experienced seller such as Mr. Foley, with his expertise in the auction world, can help those who are new and unfamiliar with the dangers lurking on auction sites.

I have written many posts on auction fraud. Here is my most recent one with links to some others:

Phishy E-Mails from eBay/PayPal are at a Record High

Thursday, April 13, 2006

BBB Worker Takes Job Processing Fraudulent eBay Transactions

A Better Business Bureau worker was recently involved in eBay fraud by taking a part-time (work-at-home job) processing account receivables for criminals from Eastern Europe. According to her, she even checked them out before accepting the job and found nothing that would suggest a scam.

The job was to process payments (primarily from eBay transactions) and wire the money to her employers.

These scams, known as check-cashing schemes, solicit people to process fraudulent financial instruments and wire the money to a far-away locale. Their employers normally prefer the use of Western Union or MoneyGram, which offer little to no protection once the money is sent.

News clip from 9News.com in Denver, here.

There is also another version of the work-at-home scam, which entails receiving the stolen merchandise and then reshipping it.

In work-at-home (check cashing) schemes, the worker is normally instructed to set up an account (using their information and good credit) to process the financial instruments. Quite often, they are held financially responsible after the financial instruments are discovered fraudulent and they have wired the money.

No matter what the scam entails, the fraudsters always prefer "unprotected" methods of wiring money. I would highly recommend NEVER wiring money to someone you don't know, or haven't done a lot of business with for a LONG TIME.

To add to the confusion, many auction fraud victims buy merchandise from seemingly highly rated sellers when their account is taken over. Account takeovers are normally accomplished via phishing, where a legitimate account holder is duped into giving up their account information.

Phishy e-mails from eBay and PayPal are circulating the internet at a record rate.

Interesting that the BBB worker was savvy enough to do a little "due diligence" on the scam company, which revealed nothing. When I looked at their site, I found two articles that describe activity very similar to this.

Work-at-Home Schemes

Work-At-Home-Schemes Now Peddled On-Line

I wasn't able to find an article on the BBB regarding "check cashing schemes," but in reality this scam is nothing more than a "mutation" of the "work at home" scheme.

I'd offer to write it for them, but after writing this post, I doubt they will solicit my services.

It's becoming quite common for organized gangs to set up fraudulent businesses as a front for the various scams out there. They are often complete with office space, telephones and even web sites.

I guess the moral of the story is that when a business has no verifiable track record a prudent person should dig a little deeper? I stole that one from my friend Paul, who writes prying1.

Let's face it, processing proceeds from auctions using your own account and wiring the money to Eastern Europe seems a little risky. At least to me, it does.