'Fiendish' Trojan pickpockets eBay users

Miscreants have unleashed a new strain of a sophisticated Trojan that targets eBay users by feeding them spoofed web pages containing fraudulent information about high-ticket purchases, The Register has learned. It has already contributed to an $8,600 loss by one eBay member. The Trojan installs a scaled-down webserver on an …

COMMENTS

  1. Anonymous Coward
    Pirate

    I'd say that...

    I'd say that people that perpetuate such scams deserve to be hung by their dicks, but they obviously are lacking in that dept. Anyone that rips off someone that clearly is not well off enough to absorb such a financial setback deserves to be a street person. I can barely imagine the poor woman's disappointment and humiliation. It might take years for her to earn enough money to make up for what some worthless scumbag so blithely took from her. And while she clearly wasn't extremely computer-savvy, she supposedly had a fully-patched machine with at least fair antivirus installed. Not that any antivirus will protect against everything. Any one of us could make the mistake of clicking a link in an email that looked legit--all it takes is having a long day and a momentary lapse. While those of us in IT would likely notice something amiss on our PCs fairly quickly, the average end user would never notice. Scammers like this should be never allowed to use any technology again--not even electric lights or heat. Perhaps a trip back to the wood and coal days would teach them something. Although I suppose many of them live in countries that aren't too far removed from those days anyway.

    Sorry for the rant---this kind of shit always thoroughly pisses me off.

  2. Lee
    Thumb Down

    Norton AV

    not really a decent Antivirus solution.

    Recently (with a fully up-to-date Nortons install running) my computer began exhibiting symptoms of a virus. Unplugged it from the network, installed Avast, removed Nortons, Avast found 26 viruses, removed them all, now PC is fine. It runs much faster now too.

  3. Fenton Smith

    Not found by Norton

    I obtained a copy of the ZIP file mailed to the victim. My AVG antivirus spotted the email as containing the virus. The victim said that her Norton AV didn't flag the email and didn't recognize the virus when she specifically had Norton AV scan it. I forwarded the virus laden ZIP file to someone who kept their Nortons up to date. Again, Norton failed to respond when that email arrived or was scanned.

    Conclusion, people who rely on Nortons to find this virus are going to be infected. The best approach is to not run executables, zipped or not, that you receive from strangers.

    The received file attachment was entitled 'ThePictures.zip' or something like that. The executable was something like viewpics.exe.

  4. Anonymous Coward
    Unhappy

    Now this is NASTY!

    Not much one could do about this (except not get infected in the first place).

    This is the penultimate phishing (or is this pseudo phish-pharming).

    Real Nasty.

    Watch out for more of these in the future, it's a totally awesome piece of criminality.

  5. Ian Ferguson
    Unhappy

    Moral of the story is...

    ...don't trust eBay or Paypal. I've lost considerable money through them - not as much as this poor lady but still enough to hurt. And like her, I place considerable blame on them for not doing enough to stop this kind of fraud.

    It doesn't make any difference that it was a spoof site - the problem is, eBay have built up a system that is much too susceptible to fraud, and expect people to continue to trust it, when it is so obviously broken.

  6. Anonymous Coward

    Title

    I would say that the moral of the story is not so much to stop using eBay or PayPal but rather to stop using Windows. Try using a Mac or Linux system (for the more advanced). A Mac, although on the pricier side, costs way less than $8600.

  7. Craig Foster
    Go

    How I triple check...

    I use KAV, but if I get a weird attachment, I upload it to http://www.virustotal.com/

    Scanning with a good AV program is good, but scanning with multiple engines is much safer.

    If it is infected, they'll forward it to other AV Vendors making everyone else safer as well...

  8. Anonymous Coward
    Alert

    You know a drive by

    installing something a bit broader scoped I think I just swallowed my gum. It's not that it would even be that hard to do and it could even be cross platform oh crap.

  9. Jason Rush

    User Error

    This is simply user error. No antivirus out there can detect every virus or the like the minute it comes out. People claim AV being better but I personally have found it lets more viruses pass than any other (remember, a virus is no longer what it was ten years ago). Adware and spyware are all a form of a virus, just with different names. I'm still baffled why anyone would wire that much money without the car in sight; if you're not where the car is, you use a service like PayPal to make the payment, then you can fall back on their policies if ripped (maybe). There was much more this user could have done to protect herself. People need to start realizing there is nothing different from the internet and real life; you should be taking the same cautions here as you would down the street.

  10. Anonymous Coward
    Thumb Down

    Ebay Sucks

    Unsurprisingly, Ebay have shot themselves in the foot, a goodwill gesture to this poor woman would have earned them huge brownie points but no, they (as always) refuse to help.

    I won't use Ebay's PayPal service after they misused my Debit card details and left me with a £75 bank charge for being overdrawn; made up a line of bull$hit to explain why they had done so when I had proof I had entered payment using a Credit card, and refused to refund me.

    My Bank wouldn't get involved unless I claimed it as a fraudulent payment, and the only person who would suffer from that would be the person I bought the item from, so I declined.

    It seems this woman did everything possible to verify the details were legit, so I hope if Ebay won't cough perhaps Norton should; after all, it is their $hitty software that keeps letting these things through (yes I had Norton and it failed me, when I switched to AVG it identified a trojan that had been sitting on my hard drive for over two years!!!)

  11. Stuart
    Thumb Down

    So, if ebay won't reimburse her...

    ..why haven't Norton stepped in? After all, as previous posters have pointed out (and a lot of us know from experience of encountering NAV) it is a failure of their product that has caused this (and many other) problem.

    Or would that simply cost them too much money? After all, in my opinion, NAV is simply not fit for purpose. And there are so many people out there using it. Well, guess it makes us easy money cleaning their systems......!!

  12. Anonymous Coward
    Pirate

    Norton AV

    I have also had an experience with Norton AV.

    I was a freelancer with a client. Their systems were 'protected' wall to wall with Norton AV, so we all thought we had nothing to worry about.

    One day, being a bit idle in terms of work, I went to the Trend Micro web site and ran their HouseCall utility - it runs their AV without installing anything on the PC. It found (and fixed) 2 viruses lurking on my PC hard disk, which Norton AV hadn't found. And this was Norton AV which was updated regularly and automatically as the company had a contract with Norton (or Symantec, whatever they are called these days).

    Moral of the story: If you've got Norton AV it doesn't necessarily say that you've got full anti-virus installed.

  13. Bemi Faison
    Coat

    Writing on the wall

    Over the past four years, my entire family has migrated to the Mac. The whole "fanboy" thing escapes me - perhaps because I'm pragmatic - so whatever works for you works for you... Which is why I can't explain their choices. "Halo effect" or osmosis, they're now Mac users.

    Yes, I'm the family's Mac admin now, but I was before they used OS X. Problems do arise, but none like the hellfire exploits seen under Windows.

    I don't care why OS X is safer, or whether my family enjoys it or loathes the experience. When their personal data is linked to the Wild Wide Web, I care that they are 99.9999% less likely to be abused by malcontents. I care that the people closest to me are happy and safe.

    Computing without the mortal fear of exploits is akin to driving a car that's not addicted to oil (EV-1 anybody?): You know that what you're doing is different, ahead of the curve, good for you and good for others.

    Some will recognize this woman's plight as the "writing on the wall" for their computing choices. Hopefully, they'll consider a non-Windows system.

  14. Richard Cartledge

    It's a windows thing

    "So she has opted to close down her eBay and PayPal accounts and vowed never again to do business with the company."

    - You can't blame ebay or paypal, it's Microsoft's insecure operating systems coupled with the way they confuse ordinary users through a poor interface.

    PS did you see the yellow bar? WTF!

  15. Anonymous Coward

    The bank

    She opened an attachment in an email, how many times do we get told not to do that? Any decent zip program will let you view the contents of a zip file without unzipping it, and who would trust an exe file when you were expecting pictures.

    As for her money, I would have thought the first course of action would be to contact the bank she transferred the money to. They must have records of who had that account, and where there are records, there is usually CCTV. As far as I know, what happened is a federal crime in the USA, so the FBI should have been notified. But I expect she has left it too long, and the trail has gone cold by now.

    I know for a fact I wouldn't be sitting on my ass if someone had ripped me off for that much cash, even if I had to do all the work myself. A hundred you can put down to experience, but over 8 grand ?

  16. Eugene Crosser
    Alert

    Warning flag

    In the old days of Soviet Union, there was a joke around there: a visitor from abroad falls into an open manhole in the street, and complains: "You should have marked it with warning flags, at least!", to which the locals respond: "When you landed in Sheremetevo, did you see the big red flag? It applies to the whole territory".

    In these days when Microsoft is as almighty as the Soviet Union used to [be perceived to] be, the joke would rather read: "Did you see the flying windows flag when it booted? Well that was the warning sign, it applies to everything you do on this computer".

  17. Phil Endecott

    Don't open attachments

    > She got infected after clicking on the email attachment

    ...

    > "I don't know what i would have done differently"

    What she should have done differently is NOT CLICK ON ATTACHMENTS.

    Surely that's the most basic rule that all windows users must learn. Just don't, ever, ever, open an attachment that comes in an email. Ever. Simple as that.

  18. Nuno trancoso
    Thumb Down

    Once again...

    ... it is Windows' fault the user executed an unknown application.

    It's Windows' fault that the user was (had to be for the damn thing to get systemwide access) running an account with admin privileges.

    It's the AV's fault for not "automagically" identifying a new virus.

    It was NOT the user's fault...

    Business as usual for the "greener pastures" fanboys.

    Don't get me wrong, I sympathize with the lady's plight, but I will not hold her "not guilty". She was guilty. Her brain shut off at the one moment it should not do so. Cost her 8G.

  19. Dom

    Proxy server vs Hosts file.

    Why go to all that hassle when you can add an entry to the hosts file and make www.ebay.com go wherever you like?

    This story reminds me of another recent Reg story about a phishing attack where the screenshot showed the correct URL in the address bar - are they related?

    And finally - even with Norton being the crap that it is, the user must have ignored a load of warnings in order to run an executable that they'd been sent in email, no?

  20. Phil the Geek

    Blaming the victim

    People keep saying "don't open attachments", and blaming this poor woman for the crime. If she went out alone at night and was attacked would you blame her for that too?

    Non tech-savvy users could be forgiven for asking why they are presented with the option to open attachments if it's such an unsafe thing to do. If their computer does let them open attachments why does it not protect them?

    What if the malware had been introduced by another mechanism, for example a vuln-exploiting website constructed for that purpose. Or even a legitimate website that had been hacked to deliver malware? How could we blame the user then?

    If people stop trusting their PCs to make financial transactions there will be a lot of negative consequences. If we as an industry can't prevent this stuff happening it will drag us all down.

  21. Steven Hewittt
    Flame

    Um, nothing to do with the OS

    In case it escaped you, she INSTALLED the virus. Install anything on any OS and the application will do as it's coded. This is not a Windows worm or even using an exploit. She installed an application and it's malicious. Write one for Linux, Mac, even HP-UX and the app will do as it's told.

    Understand the difference between a virus that a user installs and an application exploit or worm. This was the former. Technology is not really to blame this time.

  22. BitTwister

    @Steven Hewittt

    Not "installed" - just clicked on:

    > "eBay's security team says she got infected after clicking on the email attachment sent in response to her bid"

    Blimey - so that constitutes an application installation on the oh so ready for the desktop Windows platform? From within an e-mail body? Windows won't ever be ready for the desktop until attachments can be opened without fear of something exploiting one of its gaping holes. Well, there are *so* many to choose from - all aided by 'user-friendly features' of the OS.

    > Write one for Linux, Mac, even HP-UX and the app will do as it's told.

    Well it can try, but (1) the application wouldn't run just by clicking on an icon in an e-mail - that's a Windows-only stupidity and another example of it not being ready for the desktop, (2) it would need to be run as root before being able to do anything worrying, (3) there are many forms of an 'executable' file under Linux so something malicious would need to be the correct type and (4) it would need to be written for the correct host CPU - not something Windows has had to concern itself with very much, which must make one aspect of creating malicious code for Windows even easier.

    And (5), for a user to actually succeed and install something malicious into the OS they'd need to work on it and 'get out and push'.

  23. adam

    errr - where are the police?!?!?

    Am I missing the point here --- the woman has the other party's bank details. They have defrauded her of $8600 --- surely there's cause for the police to be brought in on this? Seems to me that the thieves still have to get away with the money.

  24. The low flying Finn
    Flame

    Why in the hell...

    Did she pay for the car without seeing it, without contacting the owner by phone, verifying car details and bank account, and without getting a test drive ?

    Based on the facts in this article, I'd still hit her, but with a solid object for being utterly stupid and avoiding all the precautions anyone with normal IQ should have when buying things which cost more than your daily income.

    Let this be the anti-IT angle. I really think this has nothing to do with anti-virus scanners or malicious software installed on her computer. This was 99% genuine stupidity and 1% of computer problems.

  25. Anonymous Coward

    Re: Warning flag

    Good story, I like it.

    This has little to do with operating systems, or even AV software - I'm sure we'll see more sophisticated exploits arise, and on Macs too, as the rewards become greater. 8k per gullible person is a rare treat.

    It's all about education. You wouldn't let your kid cross the road if they didn't know to look left & right first, would you? And they wouldn't know unless you told them...or it was too late.

    Education has to start with the software author - warnings about email attachments the first time they appear in a specific context ...

    I mean, come ON we all know .exe files are BAD news.. so WARN people!

    Duh/.

  26. Nuno trancoso

    Apples to oranges

    >People keep saying "don't open attachments", and blaming this poor woman for the crime. If she went out alone at night and was attacked would you blame her for that too?

    Not a good comparison. More along the lines "If she went out alone at night, found a bad guy doing nothing in a street corner, asked him politely to hit her and then blamed him for doing it."

    AFAICS, there is no mention whatsoever that there was any flaw exploitation. It was a simple email attachment. It happened to be an executable one. The user opted for running it, why should the OS stop her? Since when does an OS dictate what I can or cannot do?

    Sorry, she has my sympathy, but not a "slap in the wrist and more careful next time". It cost her 8G, might cost someone else much more.

    It's high time we stop looking to technology as a panacea that can cure all wrongs. It's not. It's a tool. Use it the way it is supposed to be used and it will do its job. Use it in a dangerous way and it might have dangerous results. And if that means that Joe Avg can not use a computer because he does not have the knowledge to do so in a responsible way, so be it. We don't let people drive without a driver's license or do surgery without a degree in medicine. Joe Clueless is the reason you have spam in today's scale and botnets and just about everything BadWareTM that plagues IT.

    Computers have made themselves trivial and accessible to all users. Unfortunately, that ease of use has a price. The avg user has no clue about what he is using. They do not understand the underlying technology, how can they shore themselves up against this kind of things? Knowledge is power, and it empowers the individual. As long as we keep it "easy for dummies" they will remain clueless and vulnerable. Only through knowledge can they avoid such pitfalls.

    Somewhere along the line we will have to stop blaming this and that for everything. People have to be responsible for their actions. If we keep blaming all but ourselves for the problems, we solve nothing and keep things just the way they are.

  27. Ben

    Still...

    It could have been much worse though ,

    imagine it...... ( music ) ....

    You're still eight grand down ..... and......

    You've got a JEEP .

    soz , coat , cape , winglets etc etc .

  28. Gordon Fecyk
    Thumb Down

    Yes you can blame eBay: they encourage reckless computing

    For a company that claims it is "Java powered,"

    <http://www.java.com/en/ebay7.jsp>

    ...they sure have some interesting Windows-specific things. What's worse is they seem to need admin access to run.

    * Image uploader "enhanced" version is an ActiveX control that does not install unless the user is an administrator on their PC. Sure the non-enhanced javascript-based version works, kinda...

    * Turbo Lister stores a database in an area normally off-limits to non-administrators:

    <http://www.antiwindowscatalog.com/?mode=product&id=113>

    If eBay had real Java applets to do these things, and if they tested said applets on locked down machines, they could help users choose to use their site on locked-down machines. And let IE-refuseniks use it too.

  29. Charlie Clark Silver badge

    Something for the fraud squad

    The only technical solution for this kind of attack would be to prevent PC's from having any form of local name service. Whether a webserver is installed or whether /etc/hosts (or wherever it is in Windows) is immaterial, the user will receive a different URL from the one they are expecting. While this might be desirable and applicable for 99% of PC's it would probably only move the target to the name server configuration.

    The point is that this is not an IT story. It is a simple case of fraud and should be treated as such and the woman should be protected under consumer protection legislation: she has paid for a car and not received the car. The crime is no different to the reported sales of London Bridge to gullible tourists.

    We have become extremely used to the comfort afforded by online services. Why should it surprise anyone that criminals seek to take advantage of that?

    I agree wholeheartedly with those critics of eBay for its rather cavalier approach to consumer protection as there are more than a few problems with the platform eBay and PayPal which make child's play of abusing the system.
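
The hosts-file redirection raised in comments 19 and 29 can be checked for from the defender's side. The following is an added example, not part of the original comments or article: it parses hosts-file text and flags entries that override watched domains. The watch list, the sample file contents and all function names are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: domains whose local override would be suspicious on a home PC.
WATCHED = ("ebay.com", "paypal.com")

# Constructed sample hosts file, not taken from a real infection.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1       localhost
::1             localhost
127.0.0.1       www.ebay.com cgi.ebay.com   # local redirect
203.0.113.7     www.paypal.com
192.168.1.10    printer.lan
10.0.0.5        notebay.com
not-an-ip       signin.ebay.com
"""


def parse_hosts(text):
    """Yield (line number, ip, hostname) for every mapping in hosts-file text."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        fields = line.split()
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed address: the resolver would ignore it too
        for name in fields[1:]:  # one line may map several names
            yield lineno, ip, name.lower().rstrip(".")


def is_watched(name):
    """True for a watched domain or any of its subdomains (not look-alikes)."""
    return any(name == d or name.endswith("." + d) for d in WATCHED)


def audit_hosts(text):
    """Return one finding per hosts entry that overrides a watched domain."""
    findings = []
    for lineno, ip, name in parse_hosts(text):
        if not is_watched(name):
            continue
        if ip.is_loopback:
            reason = "watched domain served from this machine (local web server or proxy)"
        elif ip.is_unspecified:
            reason = "watched domain sinkholed (blocked), confirm it is intentional"
        else:
            reason = "watched domain pinned to a fixed address, bypassing DNS"
        findings.append(
            {"line": lineno, "host": name, "ip": str(ip), "reason": reason}
        )
    return findings


if __name__ == "__main__":
    for f in audit_hosts(SAMPLE_HOSTS):
        print(f"line {f['line']}: {f['host']} -> {f['ip']}: {f['reason']}")
```

On a real machine the text would come from `/etc/hosts` or `%SystemRoot%\System32\drivers\etc\hosts`; as comment 29 notes, a clean hosts file does not rule out tampering with the configured name server.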

  30. Bhavin Desai
    Paris Hilton

    Chargeback

    There are many stories of PayPal (for example) transactions where the buyer pays and gets the item, but then does a chargeback (even as late as six months).

    Therefore, surely she can do a chargeback on the destination account?

  31. lglethal Silver badge

    Confused?

    Ok maybe someone can explain how this happened to me, maybe I'm missing something?

    First she put a bid on a jeep on ebay? Then she receives the email confirmation letter from ebay acknowledging the bid (or the fake one pretending to be from ebay). In this email there's an executable supposedly containing pics. OK yes she's been a bit of a twit to run an executable, but how is it the scammers knew she'd bid on that jeep in the first place?

    Surely ebay doesn't send the email address of every bidder to the seller? So how did they get her email address and know she'd bid on that specific product? Am I missing something here?

    Oh and agree totally that ebay and paypal are absolute bastards when it comes to customer service - been screwed by paypal for £70 because although I checked the e-cheque method of payment for an international transfer to another account they decided to do it as an instant transfer - difference £7.50 for e-cheque, 3.5% for instant transfer (which came to £80+). When I complained they refused to accept that I'd checked the e-cheque box and basically told me to get lost. Haven't used paypal since...

  32. Aubry Thonon

    The real culprits...

    ..., as far as I am concerned, are the whole Web 2.0 bunch - both users and pushers (sorry, developers).

    We (the general public) have been fed the concept of multi-media Mail and we swallowed it. We have been told that our desktop should behave like a gigantic web browser, and we swallowed it. We have been told that your web-browser should be able to do anything a local application can do, and we swallowed it.

    Is it any wonder remote attacks are so prevalent when we keep on having "multi-functionality" pretties jammed down our throat?

    I do not use Outlook at home. I refuse to read HTML mail (anything that does not have a text-only version gets automatically deleted). I do not use a browser which requires ActiveX to work properly.

    Take back the Web! Fight against feature-creep!

  33. Franklin
    Stop

    No, the real moral of the story is...

    ...never run an executable that you receive in an email.

    Even if it seems like it comes from someone you're bargaining with on eBay. Even if Norton says it's okay.

    NEVER. RUN. AN EXECUTABLE. YOU. RECEIVE. IN. AN. EMAIL.

    Viewpics.exe? C'mon. I don't need to know who it was from or what the email said it was in order to know that's a virus.

    NEVER.

    RUN.

    AN.

    EXECUTABLE.

    YOU.

    RECEIVE.

    IN.

    AN.

    EMAIL.

    ***EVER***!

    While I realize that computer users tend to be naive and credulous, and the real bastards here are the virus writers, at the same time it's very difficult for me to feel sympathy for a person who runs a file attachment received in an email and becomes infected, regardless of what that person loses as a result.

  34. Anonymous Coward
    Boffin

    Norton AV

    I've vowed never to use Norton AV ever again. They were good once, but now their product is bloated extortionware (in lieu of words to describe a piece of software that demands yearly sacrifices be made to it to keep it functioning).

    As for eBay, I don't really worry that much. I insist on paying only by PayPal unless in the most dire of circumstances. What you get for living in a country where three quarters of the stuff you want is not available locally I guess.

  35. Steven Knox
    Paris Hilton

    Missing Info: E-mail Software?

    What e-mail software was she using? Any I've seen/used recently will warn you repeatedly if you try to open an executable as an attachment.

    For those who don't know: it's not the OS that allows/stops executable attachments from running; it's the e-mail app.

    There are certainly additional protections to be had by running your OS as a non-admin, but privilege escalation holes do exist, so it's not a cure-all.

    So the real question remains: was she using crap e-mail software, or did she simply ignore the warnings?

  36. Peter

    Windows security

    Ok fine, so it is possible to have a more secure setup than running as admin, but I honestly don't believe I know of a single windows user who uses a limited account day to day who is not forced to because they have no admin account. This ranges from lusers to IT consultants.

    Why? Software on the platform expects full rein. It's easier to run as admin than go without flakey software.

    But why? Lazy developers? Or just historical? Or "backward compatibility"? (yeah, bit of +ve spin...)

    I'll say all three. And this probably accounts for well over 95% of these instances.

  37. Nathanael Bastone
    Stop

    I knew it!

    "the company's security team has forwarded samples of the new strain to anti-virus companies so they can add it to the updates they send to customers."

    hang on, read that again..."forwarded samples...to anti-virus companies...so they can...send to customers."

    This is why you don't buy so called 'anti-virus' software, the evil AV corporations are out to get you, REPENT! REPENT NOW! THE END IS NIGH!

    /coat

  38. Anonymous Coward

    re: No, the real moral of the story is...

    @ Franklin

    Computers + internet are now aimed at and used by people who don't know, don't want to know and don't care what an exe file is. Or a virus. Or the difference between disk and RAM, etc etc. You can tell them. You can tell them in BLOCK CAPS. What they do know is that if you click OK for long enough you get a result, and it's usually the result you want. My kids use eBay, I tell them it's a snake pit, and they shake their heads and think "what's the daft old bugger on about now?".

    They aren't going to understand until they get burnt, and them getting burnt is bad for everyone who works in the biz.

    No rules are absolute - I don't open attachments, I have javascript disabled, I don't buy things over the internet etc etc. Except I do sometimes when I think it's ok. Ebay and paypal make great play of how safe they are and how well they protect people and they should be put out of business. How about RICO?

    It's no good for computer fanboys to hide behind the "user is a wanker" shield; like it or not, t'internet is a consumer appliance. If I buy a microwave oven I have a reasonable expectation that it won't cook my gonads while I'm waiting for it to cook my tea.

  39. Luke Wells

    Good old Norton

    First of all, to all the Mac Fanboys "If you buy a Mac this won't happen to you" crap, can I just say STFU! She might not have been scammed on the car purchase if she had a Mac, but then again she will have already been scammed on her computer purchase.

    It would seem that the lady in this story had not done anything wrong, and had pretty much everything in place that you would expect a consumer to have (patches, AV, awareness about phishing, etc) it would seem that Norton AV had let her down. We used to use Norton AV here across all our workstations and servers. After the e-mail server got infected for the 3rd time (even though Norton was scanning all incoming email.... well it looks like Norton was actually running the incoming email) we decided to change. We now use Kaspersky Client/Server and so far (touch wood) we have not had the same problems, in fact Kaspersky regularly gives warnings about e-mails that Norton did not do.

  40. W

    Re: NEVER. RUN. AN EXECUTABLE. YOU. RECEIVE. IN. AN. EMAIL.

    It's true.

    But do we think she knows what an executable file or ".exe" file is? Especially when the default these days is to "hide known file extensions".

    But rewinding a little, there's a time and a place for everything. And, at this time, eBay is not the place for buying cars before seeing them in person. Especially if you're not a motors expert.

    But having chosen eBay to buy a car, I'm inclined to side with the "don't hand over thousands of pounds/dollars/euros for a car before you have inspected the car in question and the keys are in your hand".

    Would this victim go to a doctor for a diagnosis and then eschew the high street pharmacist in order to acquire the necessary treatment via a random email contact?

    Ultimate verdict in this case: User error - see the police about getting your money back, not eBay/Paypal, MS or Norton/Symantec.
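
Comment 15's point that an archive can be listed without unpacking it, and comment 40's point about hidden file extensions, can both be shown in code. This is an added example, not part of the original comments: it lists the members of a ZIP held in memory, flags executables, and shows the name a user would see with "hide known file extensions" turned on. The extension list, the sample archive (built in memory from stub bytes) and the function names are assumptions constructed for illustration; only the `viewpics.exe` name echoes comment 3's recollection.

```python
import io
import zipfile

# Common (not exhaustive) extensions that Windows runs on double-click.
EXECUTABLE_EXTS = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js", ".lnk"}


def split_ext(filename):
    """Return (stem, lowercase extension) of the last path component."""
    base = filename.replace("\\", "/").rsplit("/", 1)[-1]
    dot = base.rfind(".")
    if dot <= 0:
        return base, ""
    return base[:dot], base[dot:].lower()


def inspect_zip(data):
    """Describe each member of a ZIP archive without extracting it to disk."""
    report = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            stem, ext = split_ext(info.filename)
            flags = []
            if info.flag_bits & 0x1:
                # Password-protected members cannot be read for a header check.
                flags.append("encrypted member, content not checked")
                magic = b""
            else:
                with zf.open(info) as member:
                    magic = member.read(2)  # first two bytes only, in memory
            if ext in EXECUTABLE_EXTS:
                flags.append("executable extension")
                if "." in stem:
                    flags.append("double extension")
            if magic == b"MZ":  # DOS/PE executable signature
                if ext in EXECUTABLE_EXTS:
                    flags.append("MZ header")
                else:
                    flags.append("MZ header behind a non-executable name")
            report.append({
                "name": info.filename,
                # Approximation of the display name when extensions are hidden.
                "shown_as": stem if ext else info.filename,
                "flags": flags,
                "suspicious": bool(flags),
            })
    return report


def build_sample():
    """Build a constructed sample archive in memory (stub bytes, nothing runnable)."""
    pe_stub = b"MZ" + b"\x00" * 62
    jpeg_stub = b"\xff\xd8\xff\xe0" + b"\x00" * 16
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("viewpics.exe", pe_stub)
        zf.writestr("jeep_front.jpg", jpeg_stub)
        zf.writestr("jeep_side.jpg.exe", pe_stub)
        zf.writestr("jeep_rear.jpg", pe_stub)
    return buf.getvalue()


if __name__ == "__main__":
    for entry in inspect_zip(build_sample()):
        verdict = ", ".join(entry["flags"]) or "ok"
        print(f"{entry['name']:<20} shown as {entry['shown_as']:<16} {verdict}")
```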

  41. Matt Bradley
    Thumb Down

    Ebay refuses to take responsibility AGAIN

    So ebay hosts an auction for scammer, connects victim with scammer, and then because the actual transaction involves the use of a trojan which redirects the final transaction through a spoof site, they simply shrug and say "Wasn't us guv"

    Surely there's some sort of criminal law that covers this kind of activity. Something along the lines of "aiding and abetting" here in the UK?

  42. Pum

    Criminal Fraud

    Sympathies for the victim here. This appears to be a case of criminal fraud, in which case the police should be involved. If the crime crossed state boundaries then I believe it becomes a federal crime, and the FBI would handle it. Nevermind whinging to ebay or Norton, she really should report this to the authorities, if she hasn't already.

  43. Anonymous Coward
    Alert

    Virus Anti Symantecs

    SAV regularly used to quarantine my entire Thunderbird inbox because of some attachment it thought it had found in an email TB had already flagged as junk and sent to trash. If I was very lucky it would let me restore it and I would get my email back, but it was staggeringly easy for it to lose the lot.

    I'm amazed that anyone would buy a car off eBay without seeing it. If it was a classified ad in the local paper, you wouldn't just send a cheque straight off. How was she going to get this Jeep? The UPS charges would be interesting, although maybe she could get a discount because they could drop off some other parcels en route.

  44. Cormac
    Black Helicopters

    Norton AV is bad

    I have also had bad experiences with Norton AV, particularly with the bagle w32 virus, it just won't pick it up. I got infected twice because Norton failed to detect. Now I use NOD32 at work and BitDefender at home, both have worked excellently and detected ALL viruses. I also tested them with the viruses that Norton didn't detect !!! How can this be ... anyway NEVER RELY ON NORTON AV .. ITS CR*P

  45. Anonymous Coward
    Anonymous Coward

    Of course...

    Of course, if she had been using Vista she would be using the one operating system that might have warned her about this on its own...

    On another note, Norton is terrible, yet has no need to improve itself because it's sold as part of so many package PCs. In order to fix the problem of people using bad software to protect themselves there needs to be a change in the way that companies such as PC World get away with flogging bad support and bad software to the people that don't know what they are doing.

    Insofar as complaining about Windows is concerned, people are too easily overwhelmed by Linux to make it a viable solution for the general public (although being capable of using Linux might be an interesting requirement for ownership of a PC), and for those of us who like playing pretty games on our PC, Windows is a must, Macs (while I dislike Apple for many reasons, not least their environmental impact) are a decent solution, but their gaming potential rules them out of my home PC decisions.

  46. Anonymous Coward
    Unhappy

    "You clicked an email" is PayPal/eBay's standard answer to all fraud

    You shouldn't assume that because eBay/PayPal say the user clicked an email she actually did; it is their standard answer.

    I would class myself as a mid to advanced user and I'm always telling my relatives to never open attachments on an email, never click links from within an email, all the standard stuff to stop infection. With that in mind, I only accept plain text emails, greylist at server end, delete any attachments before they are received that are exe's etc, run 1 anti virus and regularly scan with a second, several anti-spyware packages etc etc all the usual stuff and I never click a link in any email.

    Yet when my eBay account got mysteriously hacked and someone tried to get in to put up fake auctions (although they failed and it got taken down instantly), my PayPal account was subsequently locked out, my eBay for some reason was not. They still claimed I had clicked something, which I protested again. The fact I was on holiday and my PC was locked up in my house at the time was irrelevant to them. I had somehow clicked an email from hundreds of miles away, on a PC that was switched off and an email I never received.

    Their first answer is to blame the customer, and they won't admit otherwise because that would cost them dearly. Instead of costing their customers dearly.

  47. Franklin

    @nickj

    "It's no good for computer fanboys to hide behind the "user is a wanker" shield; like or not, t'internet is a consumer appliance. If I buy a microwave oven I have a reasonable expectation that it won't cook my gonads while I'm waiting for it to cook my tea."

    The problem is not the technology; con men have preyed on the credulous for as long as we've been recognizably human. The technology merely makes the credulous easier to exploit, that's all.

    The basic problem here has absolutely nothing to do with computers, and everything to do with the fact that we have a large population of people who believe anything they read without question. "Oh, this executable file will show me pictures of a car I want to buy? This other executable file is from Microsoft and if I run it, I'll make my computer safer? Okay!"

    And credulity *is* a social problem, not a technical problem. The woman lost nearly nine grand because she has been brought up to believe that she can trust the things that she reads. That's a problem that no technological measures can solve.

  48. Anonymous Coward
    Anonymous Coward

    Wait a minute

    I think it is terrible to just point the finger at the victim here. As I am sure all of you have a mother, sister, brother, friend etc that also is not the best with computers and would you be responding to them this way? Yes I know many of us are computer savvy - but as a friend of the victim and someone who is computer savvy I can verify this was a good scam. One, the email was in response to an email she sent to the seller from a listing on eBay for a vehicle. The fact that she initiated contact would already have most people putting their guard down. The email the seller sent was in response and had a zip file attached. Not everyone would have caught this (the zip had an exe, but warning was not given). Anyway this is a big deal because when you get on eBay and make contact with others listing and selling items - you shouldn't have to think everyone is out to scam you. And then you should have seen her computer. Everything matched up - carfax showed exactly what the seller had told her, autocheck, the seller provided her with all of her checking account information, and her inbox in eBay showed the vehicle with all details as "won" - and people do have vehicles shipped all over (not UPS) but different auto transport companies. Anyway instead of blaming the victim for opening an email - how about the fact that eBay should have a sign on their website that says AT YOUR OWN RISK - because they are allowing these fraud sellers to list vehicles for ten days at a time. Not that eBay opened the email..... but when you have these fraudulent listings being posted for days on end and over and over again something bad as a result is going to happen. These people (she is one of many victims) wouldn't be getting scammed by this if they weren't getting connected with these people on eBay's site to begin with.

  49. Jonny F
    Thumb Up

    Buyer knows who received the money, FBI informed, etc

    There is a mondo thread at eBay with people supporting this buyer. Helping her clean the PC up (though she has bought a new one to replace it completely), and supporting her in her legal remedy.

    The buyer tracked down the person who received the money - acting as a home business that received bank-bank transfers, took out cash, and did Western Union out of the country. In this case Greece. "seller" had bank account in maiden name, sent money out of country in amounts just under limit so no ID required, etc.

    Interesting read.. particularly that the US person who transferred the money overseas makes about a 20% cut.

    http://forums.ebay.com/db2/thread.jspa?threadID=1000578265&start=360

    "authorities examined and made a copy of my hard drive. It seemed that they had an idea of what they were looking for ...... I still have received an final it was this..." " but they thought it was the trojan bayrob or very similar last I heard.

    As far as the kvet... That is very interesting I would be curious to know more about this. I know the "mule" in my situation wired it to Greece - I don't know that she knew where it was going after that - Anyone know the time difference between Czech and here? Remember I said the time on my computer had been set ahead for my email since this happened?? "

  50. Daniel B.
    Joke

    Green mails and spam

    @Franklin

    "Even if it seems like it comes from someone you're bargaining with on eBay. Even if Norton says it's okay."

    Yipes. That sounded like something out of Dr. Seuss.

    I would not like them

    here or there.

    I would not like them

    anywhere.

    I do not like

    e-mails and spam.

    I do not like them,

    Sam-I-am.

  51. Gennifer Jack
    Unhappy

    From one who almost fell for the scam

    It's almost ridiculous the conversations and judgment of the user that was scammed. I am writing this from my other computer while I try to clean my now completely infected system due to this scam.

    These people that are perpetrating this scam are very slick. They list a car - legitimately, get plenty of bids and interest, requesting interested parties email them if you are serious about a purchase then remove the listing.

    A week later, the seller notifies you saying she'd been traveling on business, she's selling the car that she received in a divorce settlement and wanted to conduct the transaction securely through eBay under the guise that eBay offers Vehicle Protection Plan. The user also provides the pictures of the vehicle that was originally listed.

    BAM! That's where the hack begins. (It could have been earlier in the process but I doubt it.) The pictures are provided in a file named ThePictures.zip. I should have known better but I too have zipped files for family members whose email boxes have limits on file sizes.

    I personally responded to the seller's email with questions expressing interest and the user responded that she'd listed the vehicle and provided both the eBay auction ID and a link to the auction.

    This was a perfect scam in that the website was eBay in every sense of the word in appearance. The URL was the same, layouts, etc.

    I had made arrangements with my bank but was trying to get some sort of confirmation that the vehicle existed. I felt somewhat secure in the fact that eBay offered this Vehicle Protection Plan which it stated covered my purchase. Additionally, the page stated the buyer's bank account had been registered with eBay and the funds would be held and not released until the buyer had inspected the vehicle - within 3 business days after delivery.

    I was thinking the 3 days would allow me time to inspect and if it wasn't what I wanted, I'd return it.

    I had requested information from the seller on the transportation company and was awaiting a reply when I searched eBay extensively for any information on this bank account lock. I sent an email to eBay technical support and posted a message on the discussion boards to see if anyone else knew of the 'account lock'.

    I am very grateful to the eBay Motors discussion group users for responding IMMEDIATELY to my post and providing me information on this scam. I am going to help bring this issue to light and help make those non-techie users a bit more savvy on these ploys.

    I have been notified by a couple of users who had the exact scam pulled on them within the past month-losing their money. I hate to know how many people are waiting on a car they will never receive.

    I will NEVER use eBay for any future transactions. While I believe the biggest part of the scam came with the email, it started with the original vehicle that was listed and removed. This was a vehicle that I had placed in my watched items but it never showed up... Hmmmm. PHP code right from the start?

    Oh well... I will continue to scrub my infested hard drive.

  52. Steve Roper
    Unhappy

    Treat these scum as terrorists

    While it's easy and tempting to say "don't use eBay", how long will it be before these bastards can start spoofing bank and investor websites? This has the potential to kill ecommerce stone cold dead.

    While I was impressed to see some spammers cop 25 and 30 year jail sentences, and about time, it isn't helping where the scum reside in places like Russia, China or tinpot African dictatorships. How about using "extraordinary rendition" and covert extraction ops to nail some of these bastards as well as terrorists and send them on a Gitmo holiday? If these countries don't give a shit about their citizens scamming the rest of the world, I don't give a shit about their citizens getting rendered to the gulag without trial. Better them than our own citizens living in fear of unjust rendition! Destroy our internet, lose your freedom. Maybe that will make the buggers take notice that we are deadly serious about stopping this shit.
