Hi everyone,
As a former law enforcement officer this kind of fraud really makes me cringe because it could have been easily avoided! Recently we learned about a woman who was victimized by a fraudster because she didn’t realize that there is no relationship between Craigslist and eBay postings, and did not follow eBay’s general buying safety tips: mainly, if it looks too good to be true, it probably is! These types of scams are getting more common, so please beware. Here is a step-by-step account of what happened: (More …)
Posts Tagged: fraud
-
31 Permanent link to UPDATED – An Anatomy of Fraud: Don’t Let it Happen to You UPDATED – An Anatomy of Fraud: Don’t Let it Happen to You
FEATURED POSTRichard Brewer-Hay / Tuesday, January 6th, 2009
UPDATED – An Anatomy of Fraud: Don’t Let it Happen to You
-
FEATURED POSTRichard Brewer-Hay / Monday, July 28th, 2008
Busy on the Boards today…
Two more General Announcements went up today that caught my eye…
***A Message from John Canfield: Update on our Fraud Prevention Efforts***
John Canfield, Senior Director of eBay’s Trust & Safety team, made an AB post earlier today updating folks on eBay fraud prevention efforts. On the whole, the post makes for a one-stop repository of all things related to fraud prevention on eBay (I count over 12 links to various best-practices, FAQs and announcements) and think it would be worthwhile for folks to bookmark the post for future reference when faced with a question or concern related to fraud and/or T&S.
(More …) -
FEATURED POSTRichard Brewer-Hay / Wednesday, May 14th, 2008
The Arrest of Vladuz: A Team Effort
On Wednesday, May 14, a joint press conference was conducted by General Inspector of Romanian Police, Questor Gheorghe Popa; Directorate for Investigation of Organized Crime and Terrorism (DIICOT), Codrut Olaru; and eBay VP & Chief Information Security Office, Dave Cullinane regarding the the arrest of Vlad Duiculescu (“Vladuz”).
The press conference was an opportunity for eBay to publicly commend and thank the dedication and hard work of Romanian law enforcement in helping bring Vlad to justice.
Following the press conference, I was fortunate to get some time on the phone with Dave Cullinane and his team of security experts to discuss the arrest further. Unfortunately, because the Romanian authorities leading the prosecution have not finalized charges, I was unable to address specific allegations. However, I do plan on pursuing further when that time comes.
I was impressed to learn the extent to which the investigation stretched across many different agencies in different geographies. Dave explained that the arrest was due to a formalized collaboration between eBay and the Romanian General Directorate for Combating Organized Crime, the DIICOT and in cooperation with the US Secret Service and the FBI. In addition to those police agencies, authorities in Romania and the US Department of Justice played significant roles in gathering electronic evidence across multiple jurisdictions.
The eBay Fraud Investigations, Information Security, and Legal teams work in a cross-functional, global capacity and have a current headcount of 50 specialists that have formalized relationships with crime and investigation agencies both in the US and abroad to help investigate cases such as this. Given the intricacies of the relationships formed, I would think that the multi-year investigation, and subsequent arrest, will make for an excellent case study in cybercrime detection – and one that eBay can build upon for future cases.
Cheers,
RBH -
7 Permanent link to Romanian Fraudster, Vladuz, Arrested Thursday Morning Romanian Fraudster, Vladuz, Arrested Thursday Morning
FEATURED POSTRichard Brewer-Hay / Thursday, April 17th, 2008
Romanian Fraudster, Vladuz, Arrested Thursday Morning
Romanian fraudster, Vladuz, who had continued to attempt to compromise the identities of a number of eBay users (ultimately unsuccessfuly), was arrested early Thursday morning by Romanian law enforcement.
“We are delighted that Vladuz is in custody thanks to the hard work of Romanian law enforcement,” said eBay’s CISO Chief Information Security Officer, Dave Cullinane, in a formal statement made here.
I’ll update this page as I receive any further information regarding the arrest.
Cheers,
RBH -
FEATURED POSTRichard Brewer-Hay / Monday, April 14th, 2008
A timely message from John Canfield
A message from John Canfield, Senior Director for Trust & Safety policy management, went up on the General Announcements board earlier today, talking about a newly launched safety initiative.
In the announcement, John talked about a common fraud practice in which individuals access another user’s account and set up listings in that person’s name. He said, “they gain this access often through a phishing email that convinces an unsuspecting member to click a link and enter their User ID and password.”
We all know that the threat of identity fraud is with us all the time (I’ve received 9 such attempts in the first week of eBay Ink going live). However, I’m glad I read the message from John before clicking on all of my email earlier this morning because the latest attempt sent my way was yesterday, and I almost clicked on the link this time around.
He went on to say that “to protect the Community against this type of fraud, beginning today, eBay will start noting which computers members typically use to conduct their buying and selling activity. After our data collection phase, sometime in June eBay will begin verifying our sellers when they list an item to ensure they are logging in from the same machines they have successfully used previously – usually a home or business computer.”
This new level of security / identity confirmation process is only going to be applied to the seller side of the transaction to begin with. If you are a seller, and you attempt to list an item from a different computer, eBay will make an automated call to the phone number you have registered to confirm it is really you. They may also prompt you to verify your identity in other ways.
I think its obviously beneficial that we continue to improve secure and safe transactions but what if my account is registered with my home phone number but I’m trying to list an item from a library or hotel PC (as is the example given in John’s message)? Do I need to be able to answer the phone directly in order to proceed?
From what I can tell, the answer is yes. John recommended that all sellers should register their cell phone or mobile device as a secondary phone number so that you can be reached wherever you may be attempting to complete a listing. I realize nearly everyone has a cell phone these days, but I’m pretty sure this means that those without a cell phone will only be to able to make a listing from a) one location and/or b) the same PC. Is this where Skype comes into play?
Are there sellers out there that fall into this category? How would this change the way you list items? Would it?
If you check out the message from John, you’ll see some quick recommended steps to help with this new security initiative. There will also be a workshop about Trusted Selling with Identity Confirmation on May 6 in which the security team will be taking member questions.
For now, I’ll continue to view and open any emails from unknown sources with a due sense of scrutiny.
Cheers,
RBH
