A Tel Aviv security company says eBay has been targeted by slick, sophisticated identity thieves. The attack starts with genuine web sites that have been hijacked, and compromised with malicious code. Visitors to these sites are redirected to another site, where a Trojan hijacks the PC and makes it part of a botnet.
Then the hijacked computer connects to eBay and tries to find valid username/password pairs. Eventually, with time and enough computers in the botnet, some valid logon details are found.
This campaign may have started quietly in early August. Not much is known yet about what the hackers do with the info. But an eBay user in Texas claims someone in England hacked into his account, changed his personal details, and is trying to conduct transactions, presumably under his name.
Remember that if your eBay account is compromised, so may your PayPal account. Perhaps this is a good time to change all your passwords.
Ebay has not responded yet to the problem.
Most of us have joined many programs and web sites on the Internet. The attacks on Monster.com and now eBay are an object lesson to minimize the number of places we join. In addition, if you are not actively using a program, cancel your account with it.
Syd Tash is a noted computer security consultant and author of How to Protect Your Computer Online. He has been keeping Internet surfers safe and secure since the last century. Find out how he does it; protect your own computer with five layers of protection right here: =>http://mypcsecuritysite.com
You may include these Tips in your web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and web site.
