In some the recent cyber attacks, eBay and its users were compromised by using some of the traditional attacks in a new way. The malicious hackers this time took the help of phishing pages. Phishing is a technique that is used by hackers to make users sign in onto a fake legit looking pages of the websites. However, the hackers this time didn’t follow the traditional way and uploaded the phishing pages via the product listings.

According to the security experts, hackers listed their products on the eBay, which were linked with a phishing page, as soon as the user clicks on the page, it is taken to a fake login page. Everything was looking legit, and no one had any idea about it until random purchases and transactions came up in the log.

Hackers were able to take over a user account once they log in through that phishing page, eBay on this said, “criminals intentionally adapt their code and tactics to try to stay ahead of the most sophisticated security systems.”

However, the spokeswoman said, “This is not a new type of vulnerability on sites such as eBay. This is related to the fact that we allow sellers to use active content like JavaScript and Flash on our site. Many of our sellers use active content like Javascript and Flash to make their eBay listings more attractive. However, we are aware that active content may also be used in abusive ways. Cross-site scripting is not allowed on eBay, and we have a range of security features designed to detect and then remove listings containing malicious code.”

The company has a bad reputation about not responding to the security threats as quickly as they should. The experts say that the company must act swiftly to remove these types of vulnerability. It is near impossible to make a website this large free from vulnerabilities, and the one like XSS can easily make their way into the product, however, a quick respond is required to fix them.

About The Author

Abby is fun loving yet serious professional, born and raised in Sioux Falls, SD. She has a great passion for journalism, her family includes her husband, two kids, two dogs and herself. She has pursued her Mass Communication graduation degree from the Augustana College. She is currently employed at, an online news media company located in Sioux Falls, SD.

Related Posts

2 Responses

  1. Rupert_Pupkin

    eBay punked their shareholders and site members over the hacks. Management stonewalled announcement of breach in hopes of maintaining stock price.

  2. Hacker Attacks, Data Breaches and Cyber Claims | Cyber Insurance Update

    […] 22, 2014: The Westside Story eBay user credentials compromised, crucial data exposed to hackers… More Info September 20, 2014: Wall Street Journal Western-Wear Retailer Sheplers Reports Data Breach… More […]


Leave a Reply

Your email address will not be published.