A new eBay classifieds scam is targeting payment and online banking data. Apparently, buyers and sellers whose telephone numbers can be seen in their ads or who have passed them on to other users on request are affected. The scammers contact their victims via SMS or messenger service and pretend to want to process payments using the eBay payment method “Pay safely” or, for example, via a “delivery service”. The fraud victims should follow a link for this.
The aim of the phishing fraudsters is the payment data of their victims or login data for their online banking access. It has also happened that victims of fraud should pay by credit card. But there are ways to protect yourself: “We strongly advise our users to only process transactions via our website or our apps,” said Pierre Du Bois, spokesman for eBay classifieds, to heise online. In addition, users should not respond to SMS and Messenger messages related to eBay Classifieds, or click on any links in those messages. According to Du Bois, these measures also protect against many other phishing methods.
Do not put the phone number on the network
As a rule, there is no reason to communicate with customers or sellers outside of the eBay platform, stressed Du Bois. eBay can better protect its users on the platform; new measures have been taken there in recent weeks. Among other things, eBay has adjusted text and image filters to make phishing attacks more difficult, the spokesman explained. In the future, users should be able to choose individually for each ad whether their phone number should be displayed in it. In general, however, it is advisable not to reveal your telephone number carelessly on the Internet.
Users can report suspicious ads to eBay classifieds. To do this, click the “Report Ad” link in the right column, just below the Ad ID. If someone is a victim of the phishing attack, he or she should contact eBay classifieds customer service and report the incident to the police. eBay then worked with the police to pursue the case.
Phishing attacks are always a problem for users and operators of different platforms. Recently, for example, the BSI warned of fraudulent e-mails in the context of the Ukraine war. Providers that inspire trust or authorities such as the BaFin supervisory authority are often misused by phishing fraudsters as false senders.
(strong)
–