eBay Admits Growing Fraud Problems

The Designtechnica News has a good artilce on the growing fraud problem on the eBay U.K. site. Even as eBay touts celebrities using its service this holiday season, the company is facing growing online fraud and complaints of foot-dragging. advertising The end-of-year holidays are important for Internet retailers, and eBay definitely wants access to the spending frenzy as it issues press releases touting celebrities' successful purchases, including consumer electronics grabs by Jessica Simpson, Sela Ward, and Eva Longoria. However, a less pleasant side of eBay is emerging: strong increases in hijacked member accounts, auction fraud, and counterfeit goods being sold over the service. According to the BBC, eBay's director of trust and safety Gareth Griffiths admitted to "extreme growth" in the number of account hijacking and fraud incidents during 2005, and another company spokesperson refused to deny that the number of compromised and hijacked accounts might number in the tens of thousands. Naturally enough, the BBC's reporting focuses on the U.K., reporting that eBay is drawing the ire of both brand manufacturers and law enforcement officials for the amount of fraud on the site and the amount of time eBay takes to respond to requests for information or reports of criminal activity. For instance, Adidas told the BBC up to 40 percent of 12,000 auctions for its goods the company monitored were selling counterfeit items, and clothing brand Ben Sherman said eBay took five days to close a series of counterfeit auctions, by which time many of the items had been sold. Law enforcement officials have reportedly characterize eBay's slow response times as "obstructive;" North Yorkshire Trading Standards claimed eBay took two months to provide information on suspects. Some of the problems faced by eBay are created by criminal enterprises and fraudsters, rather than by eBay itself. So-called "phishing" schemes trick eBay members into revealing their account information, and eBay in part characterizes the growing problem as external to the site and the fault of its users for responding to schemes and not maintaining up-to-date security software. "Phishing" attempts usually take place via email purporting to be from eBay, requiring users to update their account details. However, the links embedded in the message take the user to a site controlled by the fraudsters, who collect the requested account information and use it to take over the user's legitimate eBay account, or sell the information to those who will. (And these phishing email messages are very common: my personal spam folder contains more than 600 such messages I've received since July, 2005—and those are just the ones the spam filtering on the mail servers didn't block outright.) These people then use hijacked accounts to sell counterfeit materials or commit other forms of online fraud. Other legitimate eBay account holders may have their account information compromised by keystroke monitoring programs or other spyware on their computers which relay the details back to fraudsters. Still other accounts may be accessed fraudulently because of weak, easily-guessed passwords. For its part, while admitting fraud problems are increasing, eBay claims to have food relationships with major retail brands and describes law enforcement as very satisfied with the company's level of cooperation. eBay maintains an online security center with tips on how to protect information and accounts, along with means to report fraudulent auctions, suspected scams, and spoof email messages. The security center also features a members forum where security issues—and the BBC's reporting—can be discussed.