This time with a planet x listing:

http://www.ebay.co.uk/sch/i.html?_odkw=wheel+truing&_osacat=888&_from=R40&_trksid=p2045573.m570.l1313.TR0.TRC0.H0.Xwheel+truing+planet+x&_nkw=wheel+truing+planet+x&_sacat=888

View the listing for the stand for £99, but don’t enter your ebay credentials.

How does it do that? Even does it in the iphone app.

I think this is one scam I’d fall for.

How do you keep finding these, OP?

http://singletrackworld.com/forum/topic/ebay-hacked

How does it do that? Even does it in the iphone app.

Javascript redirect more than likely.

eBay in not giving a shit about end user’s security shocker. For example, I cannot even file a report on the redirect, as eBay doesn’t list it as an available option.

I must admit, I have seen this on fake listings, or hacked accounts. Wondering how it is injected into a what seems to be a listing from the legit Planet-X account.

Blimey 😯

If you use Firefox, install the no-script addon. It will alert you to this kind of phishing attempt.

Chrome blocks it as well.

How do you keep finding these, OP?

http://singletrackworld.com/forum/topic/ebay-hacked

Total fluke I suppose. Why? Do you think I’m the culprit, lol?

I made the mistake of clicking that link and it opened with the eBay app on my phone – am I doomed?

Jamie

eBay in not giving a shit about end user’s security shocker.

Too big too fail in their considered opinion….

What does it do? Nothing happens in my android browser?

Watch the address bar; when you click on the ad (i,e description) the address changes/directs you to a fake login page.

As mentioned, don’t type in your details!

I believe it’s an XSS (cross-site scripting) exploit. Cropped up on here a little while back.

http://singletrackworld.com/forum/topic/ebay-hacked

Particularly nasty. Googling variations on “ebay javascript xss redirect” returns articles going back to 2007. Either eBay CBA fixing it, or they keep fixing it and new exploits get found. I’d really rather want to hope that it’s the latter.

Oh yes. A good one that!
On my computer I use WOT which is good for stuff like this. But on my phone may not have noticed!

Jamie, wouldn’t ‘Search and Browse Manipulation’ be an appropriate report option? I tried the link on my pad, watching the address bar, and the .fr address might have caused me to stop and think before carrying on, but it’s difficult to say whether I’d actually notice if I was after something in a hurry.

I found it this morning too. There is a site called “phishing watch” or something similar which has a flag up for the totally unrelated site the fake eBay login page is hosted on. The site is an otherwise-legit looking one for a company that detects underground cables for construction industry, so I assume that they have been hacked as well. I couldn’t find a way of reporting it to eBay since the redirect to the phishing page was within a second of loading the listing page itself. (Safari on iPad) so I sent a message to the seller ( ie whoever maintains Planet X eBay account) to tell them.

[edit] just had another look. I am now getting a 404 message from the underground cables page as opposed to a very convincing looking eBay login page hosted by them. So perhaps the host site has fixed something from their end. Not bad for a relatively small weekday company on a Saturday afternoon. What a pity the 24/7 internet giants ebay don’t seem to have been as quick off the blocks. 😕

Just goes to show that it is still like the wild west out there after 20ish years of www.