More Redirects Captured on ebaY; The XSS Flaw is Alive & Well
I found a rather different redirect last night on ebaY. One "seller" (victim), stlov44 (52), had 2 hijacked listings, one for a Corvette, one for a Mini Cooper.
The Corvette listing was a variation of the theme where would-be victims are lured into clicking on the listing when they see a yumstress there in the picture. This one had clothes on. Imagine that.
I captured this incident because the host page of the hacker's pharming page had already been taken down, and in its place was a page from Afraid dot org.
Please take a couple of minutes to view this video (silent, 1:40 long). It is most likely going onto YouTube as well, since comments there indicate that some folks still do not "get it" and/or have once again decided to accuse me of somehow faking these videos. Ahem... Unless and/or until someone can PROVE that, back off!
Sidestepping now and looking over at my other blog at WordPress.com: ebaY has been graced with yet ANOTHER lawsuit. (omg! How many altogether, and for each different issue, is that now? They are being eaten alive with lawsuits!) LMAO!
I contend that they are also responsible for each and every case of ID theft/account take-over and the scams laid upon hapless users which have occurred since this redirect flaw was brought to light and posted at the US-CERT site. Ebay needs to have someone skewer and roast them over the issue. Maybe I will get my chance for a vicarious thrill.
Oh, yes, the Flash manipulation redirect: although it works in a different way, ebay still knows full well that there is harm there for users, and has the sole ability and onus to correct it (along with all the variants of the "overlay" methods too).
I have no idea who reads here, but again, the flaw is ALL ebay's fault. Folks go to the site with a reasonable expectation of safety, and indeed ebay touts ITS site as "safe" (and further, they claim responsibility for keeping IT safe).
What is occurring on the sleazebay site is tantamount to folks going to the mall, where trapdoors, muggers, and imposter checkout ladies/bagboys, whatever, are everywhere, or users being mugged and robbed and ripped off inside the mall, etc. (All of them allowed in by the owners, from whom the owners derive profit over and over and over, while IT turns ITS back and BLAMES the USERS.) What part of that is right? What part of that is honest?
Would you recommend anyone going to a place like that? Or would you steer folks away, and would you do whatever you need to in order to SHUT IT DOWN and FORCE the sleazy slumlord/landlord to clean it up? Lots of towns and cities even have ordinances which condemn and even RAZE problem properties such as IT would be.
They have hidden behind that tired old weasel phrase "just a venue" long enough. It would be different if they actually were doing anything to correct it, instead of giving the site a new look and/or trifling with feedback stars, match-em-ups, censoring the forums, proactive fraud reduction song & dance routines, blabbering double-speak, or whatever silly, worthless CRAP they have been up to.
Psssst, if anyone from sleazebay is reading this, do you know what you get when you put a hundred dollar dress on an old hooker? You get a festered, scabby old hooker in a hundred dollar dress. Nothing more.
These clowns need to be hit with another lawsuit over the redirect and the email phishing issues. A lawsuit which is NOT settled out of court. A lawsuit in which they are finally forced to admit wrongdoing, and PAY! Now is the time to pile on!
Anyone knows that the obvious cure for the problem is to disallow any form of active scripting within the listings, and to nix all HTML and links in their emails. Ebay sure should know IT by now. The only conclusion is that all this is purposefully done/allowed (because they gain profit from it, or are too lazy, stupid, or plain just do not care).
ebay could end it all in one fell swoop, simply by not ignoring that which is obvious.
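As an added illustration of that cure (example code written for this page; it is neither eBay's code nor the author's), here is an allowlist sanitizer for seller-submitted listing HTML. It keeps plain formatting tags and http(s) links and images, and throws away everything that can run script, redirect, or overlay the page: `<script>`, `<object>`/`<embed>` (the Flash vector), `<meta>` refreshes, `<iframe>`, forms, every `on*` event handler, every inline `style`, and any `href`/`src` that is not an absolute http(s) URL, including `javascript:` URLs disguised with entities or tab characters. The listing fragment it runs on is constructed for this example, and the hostnames phish.example and pics.example are placeholders.

```python
import re
from html import escape
from html.parser import HTMLParser

# Allowlist of harmless formatting tags a listing description may keep.
ALLOWED_TAGS = {
    "p", "br", "hr", "b", "i", "u", "strong", "em", "font", "div", "span",
    "h1", "h2", "h3", "h4", "h5", "h6", "ul", "ol", "li",
    "table", "tr", "td", "th", "a", "img",
}
# Tags whose entire subtree is discarded: script, Flash/plugin containers,
# frames, forms and anything that can redirect or overlay on its own.
DROP_WITH_CONTENT = {
    "script", "noscript", "style", "object", "embed", "applet", "param",
    "iframe", "frame", "frameset", "meta", "link", "base", "form", "input",
    "button", "select", "textarea", "svg", "math", "template",
}
# Void elements never get a closing tag, so they must never sit on the stack.
VOID_ELEMENTS = {"br", "hr", "img", "input", "meta", "link", "base", "embed",
                 "param", "source", "area", "col", "wbr", "track"}
# Per-tag attribute allowlist; anything not listed here is removed.
ALLOWED_ATTRS = {
    "a": {"href", "title"},
    "img": {"src", "alt", "width", "height"},
    "td": {"colspan", "rowspan"},
    "th": {"colspan", "rowspan"},
    "font": {"color", "size", "face"},
}
_CONTROL_CHARS = re.compile(r"[\x00-\x20\x7f]")


def is_safe_url(value: str) -> bool:
    # Accept only absolute http(s) URLs.  Whitespace and control characters
    # are stripped before the scheme check so that "jav<TAB>ascript:" or a
    # leading NUL cannot slip a javascript: URL past a naive prefix test.
    cleaned = _CONTROL_CHARS.sub("", value).lower()
    return cleaned.startswith(("http://", "https://"))


class ListingSanitizer(HTMLParser):
    """Re-serialises seller HTML, keeping only allowlisted tags and attributes."""

    def __init__(self) -> None:
        super().__init__(convert_charrefs=True)
        self.out: list[str] = []
        self._dropping: list[str] = []  # open tags whose subtree is being discarded

    def handle_starttag(self, tag, attrs):
        if self._dropping:
            if tag not in VOID_ELEMENTS:
                self._dropping.append(tag)  # nested inside a dropped subtree
            return
        if tag in DROP_WITH_CONTENT:
            if tag not in VOID_ELEMENTS:
                self._dropping.append(tag)
            return
        if tag not in ALLOWED_TAGS:
            return  # unknown tag: drop the tag itself but keep its text
        kept = []
        for name, value in attrs:
            value = value if value is not None else ""
            if name.startswith("on") or name == "style":
                continue  # event handlers and inline CSS (overlay positioning)
            if name not in ALLOWED_ATTRS.get(tag, set()):
                continue
            if name in ("href", "src") and not is_safe_url(value):
                continue  # javascript:, data:, vbscript: and relatives
            kept.append(f' {name}="{escape(value.strip(), quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if self._dropping:
            if tag in self._dropping:  # closing a dropped tag closes what it contains
                del self._dropping[self._dropping.index(tag):]
            return
        if tag in ALLOWED_TAGS and tag not in VOID_ELEMENTS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self._dropping:
            self.out.append(escape(data, quote=False))  # re-escape text on output


def sanitize_listing(raw_html: str) -> str:
    parser = ListingSanitizer()
    parser.feed(raw_html)
    parser.close()
    return "".join(parser.out)


# Constructed listing fragment (not a real captured listing) combining the tricks
# the post describes: a full-page overlay, an event-handler redirect, inline
# script, a Flash object, a meta refresh and a disguised javascript: link.
SAMPLE_LISTING = (
    '<div style="position:absolute;top:0;left:0;width:100%;height:100%">'
    "<h2 onmouseover=\"location='http://phish.example/'\">1967 Corvette</h2>"
    '<script>document.location="http://phish.example/login";</script>'
    '<object data="http://phish.example/redirect.swf">'
    '<param name="movie" value="redirect.swf"></object>'
    '<meta http-equiv="refresh" content="0;url=http://phish.example/">'
    '<a href="jav&#x09;ascript:alert(1)">bid now</a> '
    '<a href="http://pics.example/car.jpg">see photo</a>'
    '<img src="http://pics.example/car.jpg" alt="corvette" onerror="alert(1)">'
    "</div>"
)

if __name__ == "__main__":
    print(sanitize_listing(SAMPLE_LISTING))
```

The point of the allowlist is that nothing survives unless it was explicitly permitted, so a new trick (a tag or attribute the sanitizer has never heard of) is removed rather than waved through. It has to run server-side, on the listing as submitted, before the description is stored or rendered; a client-side filter can simply be skipped. Dropping `style` outright costs sellers some layout, but the overlay variants depend on absolute positioning, and the email half of the cure is simpler still: send plain text with no links at all.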
IDIOTS!!!
Again... one seriously needs to wonder whether ebay is somehow turning a profit on the redirects (and ALL the other scams within the site), because if it was costing them money, they would have corrected it by now. Oops, scratch that thought, WE ALL KNOW they profit, at the expense of the users. In case no one was aware, ebay has done everything in their power to avoid any regulation and keep the fraud. Someone could write a book about that angle alone.
I have a sneaky hunch that ebay hates lawsuits, and the mention of lawsuits more than IT hates embarrassing videos and blogs.