I enjoy Ebay alot, but their security procedures leave so much to be desired.

This morning I found 12 unauthorized listings on my account. When I clicked on live help....I get a message saying live help is offline for the moment. On a weekday, in mid afternoon, with...80, 100 million users....and no live customer service??? That blows my mind.

I deleted the listings, got my account secured again, and everything seems fine. I'm not worried about the money, or not getting credits for the listing fees. It's the trust factor and the competence of their security procedures that worries me.

I live in California and these were one day auctions ending in London?? and that didn't bring up a red flag? A different IP address was used to log in, and that didn't bring up a flag? A rash of electronics being sold (I imagine that's one of the most common thing listed)?

It seems like it'd be so easy to check a box on the "my ebay" page indicating that you'll only be selling items from one IP address. It's probably true for 80 or 90% of the members. Wouldn't that dramatically cut down on the amount of fraud?

I was also suprised that they don't track where items are located? How many people would be listing things in California two days ago, and now I'm selling thousands of dollars worth of stuff in London?

It's only happened once before in the last 7-8 years that I've been using it. But with the rash of spoof emails going around, I thought their security procedures would be much different. Imagine if they're bidding on stuff, if they lock you out of your account, if they get into your credit card info. Thankfully nothing like that has happened.

Their email customer support said a response would come in (24-48 hours). That's not going to help very much if you've got a bunch of auctions ending in a day. Imagine being a huge powerseller with hundreds or thousands of listings? What a joke.

What specific things could be done to improve security?

I've been a member since '97 (back when you could browse every item on ebay, in all sections, in one night) and have never had any problems with my account being hijacked or anything.

that does suck though. Maybe I've just been lucky.

In a world where just about everyone is online why would someone bat a eye at listing something in Cali on one day and in London on the next?

Listing something for a friend, just moved, etc. These are valid reasons and with hundreds of thousands of auctions listed regularly can you imagine the type of Database it would require and the amounts of active queries on said DB to track every item listed by each member and then form a history so they can red flag them? Its a nice thought but its way more work than they would partake for the potential upside of it.

As for a singular IP, unless you own a IP on your site most people will have DHCP of some sort, even the cable modems floating around aren't static IP addresses, they can change as well depending on lease dates and all that.

Understandable requests but really the best way to make sure your ebay account is secure is to be carefull with it. Never let your account be cookied, don't store passwords locally, never share your password with anyone, and make sure you log off when your done.

i never had a problem with my eBay account getting hacked,but your story makes me wonder if you may have answered a phishing e-mail,one that purported to have come from eBay but really wasn't,if thats the case i would check with any CC,Bank Account,and PayPal addy assoc. with that acount.

I don't think it was a spoof email. I only respond to the messages in "my ebay". I'm also good about changing my password every so often and keeping it a certain length and complexity. And obviously not using it for any other site and keeping it secure. That's why it was strange.

They have to balance ease of use with security. I'm not a techno whiz at all, but it seems like some of the red flags would be very obvious (given the past usage of a hundred million people, or whatever the number is).

It makes you think. Now I want to get back to looking for more Joes...

Hmm,

Really weird...

Ebay's been kind to my family. Just this last summer my father had his account hijacked and a few listings went up that he didn't post. It happened in the middle of the night, and by the next morning, ebay had already caught it, ended the auctions, creditted his account and notified him via e-mail that his account had been hacked and that he needed to change his password.

And the only way we actually found out all this had happened... They shut down 8 auctions, 3 of them actually where from him earlier in the week. We noticed the auctions were gone, thought we had violated some rule and checked the history and saw everything that had happened.

Tanner

My account was hijacked once. They got it through my hotmail account through a spoof email. I contacted customer service and they stopped it almost immediately. Somebody rang up a couple of hundred dollars in fees selling auto parts in the space of half an hour. All said, my account was down probably a total of 6-10 hours. I never even open emails from ebay or paypal anymore; I just forward them to their spoof departments.

once

i stupidly read an "eBay - warning your account is suspended" email
so i logged into the link that REALLY looked like an eBay link
two days later i was selling $1500- cameras apparently :mad:

just a warning for you all
dont EVER respond to any of those emails that say your account is about
to get suspended, or personal information needed...

It got jacked a few months ago. Someone tried to buy money for Lineage (sp?) To the tune of $450. Well for 14 days I had no cash. It was "in between" paypal and my bank account.