JavaScript XSS Cross Site Scripting Redirect Caught On Screen Video

eBay XSS Redirect Scam Video 01/20/2014

Watch as this scam listing and 2 others uses an uncorrected XSS Cross Site Scripting Vulnerability and whisks me off to a hacked website. Phishing Fraud and Identity Theft can then occur! Fraudsters hack a website and create a directory just above it’s public root. They then upload their scripts and images etc. Then plant their sucker bait and wait for a victim to swallow the hook. I know we have been reporting this kind of phishing fraud for more years than i can count. In our archives there are several other…

BestAtvStore.com XSS Cross Site Scripting Fraud

best atv store fraud video

This poster on eBay’s Motors Forums claimed he was redirected to www.bestatvstore.com after clicking on an eBay internal link. That sounds like another eBay XSS Redirect that has been uncorrected for many years. Hey John Bodine.. Why don’t you post in one of your eBay forums “we heard you and have fixed that redirect vulnerability.” Watch that post go Poof! LOL!! Actually today a Google Safe Browsing look up on eBay.com showed 74 Scripting Exploits, and 3 Trojans. And this US-Cert Vulnerability Note VU#808921 warns of this scripting vulnerability: eBay contains a…

Chevy Tahoe eBay XSS Cross Site Scripting Fraud

eBay XSS JavaScript Cross Site Scripting

These are the same 2007 Chevy Tahoe Photos that scammers used last month to redirect potential car buyers OFF eBay to a Fraudsters Trap. One user lost $15,200 to the same scam last month. eBay told her it was an off eBay deal and they would not cover it under their Vehicle Purchase Program. She was even told by eBay’s Live Help it was legitimate and covered under their vehicle purchase protection program. That’s a lot of money to loose! Can you imaging making payments for several years because you never…

eBay Employee Busted On Fraud Awareness Website

Are eBay's Ears Ringing

It’s interesting that someone behind eBay’s Corporate Network would be commenting on posts on this website. Though they usually go through a proxy server to hide their true identity. This commenter followed a link to one of our postings over from Cappnonymous forums (another thorn in eBay’s side) where someone posted a link to THIS POST we published a few months ago about a Harley Davidson that had it’s odometer tampered with. NetRange: 216.113.160.0 – 216.113.191.255 CIDR: 216.113.160.0/19 OriginAS: NetName: EBAY-QA-IT-1 NetHandle: NET-216-113-160-0-1 Parent: NET-216-0-0-0-0 NetType: Direct Assignment RegDate: 2003-05-09…

Rise And Fall Of eBay Motors Credibility And Trust

Documentary What Happened To eBay Motors

Video documentary about how corporate short term gains and massive concealed auction fraud killed eBay Motors. The most trustworthy vehicle trading venue ever conceived on the Internet! eBay Motors original concept was to sell and complete your car sale on the motors website. It was a suspendable offense to lure a buyer off the motors site to make a deal. Sometime after John Donahoe took over as eBay CEO those rules were apparently relaxed. A new fee structure for car dealers was $50 per car, plus listing upgrades, with no…

10 Years Watching eBay Car Scams & Auction Fraud

Medved eBay Auction Chart 03/05/2007

Summary of 10 years watching eBay Auction Fraud and Used Car Scams. Buyers and Sellers were conned out of their money by slick talking fraudsters and bad sellers. These observations destroyed buyer and seller trust and well established community values. It is Doc’s belief, had Meg Whitman taken a stand against fraud and misrepresentation back in eBay’s early days, they could have nipped their auction fraud problem in the bud. But obviously corporate insiders were more interested in stuffing their pockets full of cash. Rather than working on long-term-goals that…

How eBay TRS Seller StupidToy99 Lost $8500

How StupidToy99 Lost $8500 On An eBay Motors Car Scam

Looks like that old eBay XSS Cross Site Scripting Redirect snagged another victim. $8,500 is a lot of money to lose. Cover your butt and be sure a deal is for real! Don’t become another victim of Internet Phishing Fraud! “From this eBay Motors Post: An eBay shooting star TRS power seller stupidtoy99 lost $8500 on an apparently bogus eBay Motors car listing.” In Dec. I bought a car on ebay.Turns out it was a fake listing with fake payment info (I was on WWW.EBAY.COM) Apparently ebay & my computer…

High Feedback eBay Member Defrauded Of $15,200

xss redirect fraud ebay motors

Here is the story of an eBay member in good standing since 2001 with a total feedback score of 812 – that is 100% positive. It appears this member was the a victim of xss cross site scripting redirect fraud. In this eBay Motors Forum thread he claims he was scammed out of $15,200 on a vehicle. Naturally eBay is not helping and the eBay Motors VPP is denying claim because eBay pulled the listing as fraudulent. Member oi8abug said in this discussion board thread that eBay live help was…

eBay And Member Security Still Does Not Compute

eBay And Member Security

Another dangerous eBay security vulnerability was recently discovered by researchers. This allows fraudsters using a highly advanced coding technique known as JSfuck, to install malware on unsuspecting members smartphones. We have been observing eBay security vulnerabilities back as far as 2004, examples are Here Here and Here. Why they allow this sloppy security is anyone’s best guess. But we believe profits trump good security. 😆 From arstechnica.com: eBay has no plans to fix a “severe” vulnerability that allows attackers to use the company’s trusted website to distribute malicious code and phishing pages,…

Motor Vehicle 00000000000000000 Fraudulent VIN

eBay Motors Invalid VIN On 2011 Porsche Panamera 00000000000000000

eBay still allows 17, 0’s or 1’s, etc, for a VIN Number on late model automobiles. This 2011 Porsche Panamera was listed with 17. 0’s and was accepted by the system. Listen to this podcast back in 2007 where Micheal Donahue of EauctionAir.com talked about scammers using this sloppy code to scam vehicle buyers. eBay never fixed this vulnerability just like they never fixed the XSS Redirect URL Vulnerbility.” It’s called SUCKER BAIT Folks! Don’t be a sucker and swallow the Hook, Line, and Sinker! 😉 Read Doc’s popular article “Used Car…

Whats Your Chance Getting Infected By eBay Malware

Feel Like Gambling?

Could you get infected with Malware just by visiting eBay.com? Doc read a motors forum discussion about eBay TRS StupidToy99 got a computer virus and was scammed. The fact is there are Malware Trojans and Exploits on eBay.com. It’s a well known fact among savvy internet users like myself. And it’s been this way for quite a long time. Cappnonymous produced this video about eBay exploits and malware on 10/12/2011, and according to today’s Google’s safe browsing report, it’s still an ongoing concern. Going shopping on eBay is somewhat like…

eBay Suspends DocsQualityCars Account As Fraud Runs Rampart

DocsQualityCars eBay Sellers Act Suspended

eBay Unjustly Suspended Docs Quality Cars Sellers Account along with a couple of board posting ID’s in January 2006. So in late 2010 he decided to register another account to buy a few small items. Naturally Doc was attracted to the Motors Forum and was chit chatting with the regulars he was friends with. Unfortunately for Doc he couldn’t resist helping out prospective buyers who were asking for advice about a car for sale. As usual suspected phishing scams were running right under their nose. And they couldn’t have Doc…

eBay XSS Redirect Scam Caught On Screen Video

eBay XSS Redirect Security Vulnerability

Watch as this Chevy Tahoe eBay listing redirects me off of eBay Motors to a fraudster controlled website, where someone’s Identity and Money will be stolen! In order to capture this scam on screen video Doc used his Blackberry as an IP Modem to slow the action down. Normally the second you enter the hacked eBay listing you would be swept away without a clue. That is unless you are watching your web browser’s URL Window! eBay is without a doubt NOT SAFE! These redirect scams have been going on at least…