Comment The problem is stupidity... (Score 1) 522
eBay has traditionally worked well because of the level of trust between buyers and sellers.
Due to some level of user stupidity, the trust system has been compromised.
For example, if a user signs up for an account on a website of ill repute then it will be child's play for the Administrator of said site to get access to this information. When you sign up for an account somewhere, you can only assume that they are encrypting this information, but it's difficult to verify. Just because there are stars in the web form, doesn't mean it's encrypted ;)
Now - what if this user uses the same username and password for an eBay account. After all users aren't that bright and use username and password combo's for several sites across the internet - because let's face it, passwords are just too hard for users to remember.
The administator of the site just trys username and password combinations until they get one that gets them into eBay. They look for an account with a positive feedback score that hasn't been active for a while and start posting items.
Additionally, combine the Phishing schemes that were mentioned in the article with the types of users that were just discussed and you have perfect opportunity for fraud.
Now - How is any of this eBay's problem? eBay sends out regular emails trying to educate users about the dangers of Phishing schemes. eBay suggests to use a unique username and password. eBay tries to protect both buyers and sellers.
My recommendation: YOU should implement personal policies about using secure and insecure passwords on trusted and untrusted sites. And for the love of everything good... Why would anyone ever respond to a Phishing email?
Stupid! Stupid! Stupid!
Due to some level of user stupidity, the trust system has been compromised.
For example, if a user signs up for an account on a website of ill repute then it will be child's play for the Administrator of said site to get access to this information. When you sign up for an account somewhere, you can only assume that they are encrypting this information, but it's difficult to verify. Just because there are stars in the web form, doesn't mean it's encrypted
Now - what if this user uses the same username and password for an eBay account. After all users aren't that bright and use username and password combo's for several sites across the internet - because let's face it, passwords are just too hard for users to remember.
The administator of the site just trys username and password combinations until they get one that gets them into eBay. They look for an account with a positive feedback score that hasn't been active for a while and start posting items.
Additionally, combine the Phishing schemes that were mentioned in the article with the types of users that were just discussed and you have perfect opportunity for fraud.
Now - How is any of this eBay's problem? eBay sends out regular emails trying to educate users about the dangers of Phishing schemes. eBay suggests to use a unique username and password. eBay tries to protect both buyers and sellers.
My recommendation: YOU should implement personal policies about using secure and insecure passwords on trusted and untrusted sites. And for the love of everything good... Why would anyone ever respond to a Phishing email?
Stupid! Stupid! Stupid!
