The Checkout

Going Once. Going Twice. Gone.

Reader Cathleen Graham of Locust Valley, N.Y., brings us this tale from the dark side of online auctions.

Last month, Graham and her husband found a plow for their farm on eBay.com. A seller in Detroit, by the name of Melvin, was offering a 2005 Kawasaki Mule, a kind of all-terrain vehicle, with a plow attached.

Through eBay, the couple sent an e-mail inquiring about the ATV. Melvin wrote back offering the ATV for $2800 including shipping and handling. If they agreed to his terms, he said he would relist the item on eBay with a "Buy-It-Now" option.

The Grahams thought it was a good deal, went back on eBay and clicked on the Buy-It-Now button. Soon, they received an e-mail from Melvin confirming their "winning bid" payment instructions that looked like they were from eBay.

That message, which Graham forwarded to me, said it was from "eBay Payments aw-confirm@ebay.com," contained the eBay logo and standard boiler plate such as the terms of eBay's Vehicle Purchase Protection.

(We tried to run an image of the e-mail so you could see how authentic it looked, but ran into trouble with formatting, probably because it was a fake.)

In the payment instructions was a box that said the "eBay agent assigned for your transaction" was a man named Jeremy Mason. Cathleen Graham thought the eBay agent was there for her protection.

The instructions said to send cash via Western Union--which online auction watchdogs say is a major red flag. But Graham said she wasn't suspicious because two weeks earlier someone with a Paypal account had hacked into her and her husband's checking account and fraudulently tried to steal money, forcing them to close the account. The couple thought at least with Western Union, the person picking up the cash had to present ID.

Graham later learned a man who presented identification as Jeremy Mason picked up the cash at a Western Union office in Detroit--and then promptly disappeared with it.

Suffice it say, the ATV never showed.

Graham later asked an IT pro at work to take a look at the e-mails she had received and he figured out that the phony eBay correspondence originated somewhere in Germany.

When she realized she'd been scammed, she contacted eBay. "Hannah P." of eBay customer support sent her the following cloying message:

In reviewing the bid history for this item, you are not one of the bidders of the item. Please note that in order to purchase eBay items, you must use the eBay online auction system. That is, you must place bids or use the Buy-It-Now button on the online listing. It appears that there was private communication between the seller and you via e-mail. Unfortunately, they cannot be the basis of an eBay transaction.

In other words: Not our problem. But as far as Graham knew, she had been transacting on eBay the whole time and the scammer obviously took pains to make her think so.

Online auction watchdog Rosalinda Baldwin of the Auction Guild said you might not always be able to tell when you're on eBay and when you're not. Fraudsters have figured out how to redirect victims off site.

"You found the listing on eBay. You clicked on it on eBay. And the scammers have inputted a code that will redirect you to a page off the eBay site. Unless you have a slow dial up connection, it's a seamless redirect," Baldwin said.

Graham says she will never go on eBay again: "They did not stand behind me in this whole thing. They would not even provide to me the contact information on the purported seller, nor the VIN (vehicle identification) number that was originally used to place the ad on eBay, despite our initial correspondence about buying the mule was on eBay and was, in fact, trackable. If it was not for eBay, I would not have been defrauded of $2800, and they, in my mind, aided in that theft."

Some tips for buyers: Online auction watchdogs say buyers should beware of requests for payment via Western Union, of sellers who have no feedback, and of sellers with inconsistencies in their history, such as someone who has recently gone from selling teapots to electronics.

If you've been the victim of online auction fraud, you should change your eBay password to prevent scammers from setting up auctions using your name and account. You should also call the big three credit bureaus and put in a fraud alert on your credit report.

Have you had a similar experience on any of the online auction sites? Has anyone tried Google's answer to Paypal to make a payment? How was it?

By Annys Shin |  January 12, 2007; 7:45 AM ET Consumer News
Previous: Raising the Bar on Vehicle Testing | Next: Naturally Confusing

Comments

Please email us to report offensive comments.



I don't mean to sound unsympathetic, but this is most DEFINITELY not eBay's fault. It is unfortunate that people hear incidents like this and hold it against eBay.

The brick-and-mortar analogy here is that she went into a Target and talked to someone about purchasing something, that person led her out the back door of the Target and into some disreputable neighboring shop, which then fleeced her.

eBay keeps its transaction fees lower because they don't pay tons of staff to work on behalf of people who get defrauded. If they did, transaction fees would go up and eBay would be less attractive to those of us who use it to do business. In other words, if they helped everyone who got fleeced, they would lose business.

As a regular ebay buyer/seller I know full well how much eBay continually sends messages warning us how to spot fraud.

This lady got duped and that is unfortunate, but the article is slanted towards the eBay-should-have-done-more opinion and the equation is not that simple.

I encourage everyone who "moves money" on the Internet to know what fraud looks like before you transact. If you can't spot online fraud, get in your car and go to Target.

Posted by: Random Guy | January 12, 2007 8:11 AM

I too have been the victim of fraudulent auctions on ebay (and these were on ebay itself, not on fraudulent sites). Luckily both times were for very small, inexpensive items. Now I ONLY pay with a credit card, so that even if ebay, paypal, etc. etc. deny me support I still can get the credit card company involved.

Posted by: jan | January 12, 2007 8:12 AM

I have been both a buyer and seller on ebay for years. At least once every couple of weeks I get emails from "paypal" requesting verification of my account and acknowledging a payment to someone. These are always fraudulent and are a scam to get me to input my information. The best way to make sure that you are dealing with paypal is to leave ebay and go to the paypal site by yourself, ensuring that is ia a secure site (https). Never answer the emails asking for information, rather forward to paypal fraud site.

Posted by: Silver Spring | January 12, 2007 8:21 AM

We are quick to point the blame of our own short comings on someone else. With e-commerce comes risk, responsibility and a certain amount of accountability.

First, the little lock at the bottom right had corner of a web broswer lets you know you are dealing with a registered secure site. If it is not there take your business elsewhere.

Second, check the email addresses of the the email you receive requesting payment. If you think you know the source by just looking at the content of the email, your asking for trouble.

Third, if a seller or merchant asks you to send the money by a wire transfer service and not a secure way or secure e-commerce site, don't send the money.

We can't blame the problems we create on someone else. Sure, this guy scammed them. And it was a pretty elaborate scan, but insuring that we are in a legitimate deal before we "sign the dotted line" is our responsibility. If we sign for a bad deal most times we are just as much at fault. This is the stand eBay is taking.

The only way to combat scammers is to do our home work, check the source and if we feel something is not right, get out and look elsewhere

No, I haven't sent money using Google's payment services.

I prefer sending money via secure payment methods or secure websites. If someone wants it another way, I end the deal.

Posted by: Radioactive Sushi | January 12, 2007 8:34 AM

The scammed person apparently thought that because the 'agent' had to show ID to pick up the money, everything would be OK. I don't understand how anybody (including Homeland Security and TSA) can think that showing ID makes everything good. Criminals have plenty of ID.

Posted by: Denver | January 12, 2007 9:03 AM

As mentioned in most of earlier comments, my wife and I are active buyers and sellers on eBay with 10-15 transactions per month. While we have seen a number of potentially fraudulent auctions, our primary issues have been as a result of a few non-paying bidders. However, I need to keep reminding my wife that she should not click on every link in e-mails from "PayPal" nor should she respond to messages about items not sent when it was clear that we had nothing similar up for bid.

I am bothered, though, by the number of people here who constantly blame the victim for being scammed and point out things like "look for https" or "beware of redirects" as a way to avoid these problems. The average eBay user probably has no idea what this information means, which is probably why eBay is more susceptible to fraud than e-commerce sites like Buy.com and BestBuy. My wife, college educated, still talks about 'learning how to use the Internet' like it is a sewing machine or rice cooker. Should everyone using the web be aware and slightly suspicious? Probably, but the reality is that 99.999% of the time they just want to find a recipe, buy a book or plan a vacation just as if they went into a Target. I agree with eBay's position that the buyers in this case completed the transaction outside of the system, but strongly believe that companies like eBay owe it to their users to do a better job of preventing their sites from becoming a haven for criminals.

Posted by: Lester Burnham | January 12, 2007 9:20 AM

Random Guy is right on. I have no sympathy for these folks who refuse own up to their own greed (a scammer's best friend) and irresponsibility. How is the store responsible when you decide to go out in the back alley and buy a rolex for $20 from a guy you met in the store? I have used ebay many times to both buy and sell. As a seller, I always get emails from people wanting to do a deal directly outside of the ebay process. I always decline and post the "offer" for others to see, noting it is a violation of ebay policy. I pay close attention to ebay anti-scam advisories. As a buyer, my first rule is to be skeptical. There are clues and red flags to look for. In my experience, 99.9% of ebayers are honest legit folks anxious to please because your ebay "reputation" built up over time is everything. Still, on line commerce is not perfect. I never click the final button if I can't live with the risk. In such cases, as Random Guy suggests, I go to Target.

Posted by: mi-ti-bear | January 12, 2007 9:24 AM

These types of scams have been going on for years and eBay has made it very public with notices on the site that you should watch out for this kind of thing. They have email verification systems, where you can send them the email and they will tell you whether or not it's from them. They warn you NOT TO WIRE MONEY!

For crying out loud, there were probably at least a half-dozen warning signs this couple should have seen. Not to mention that they are apparently very gullible, seeing how they had already recently fallen victim to another scam. Really, I have little sympathy for them.

If they'd like to make back some money, I could use some help moving $56 million dollars in my bank account to America, so if you could have them send me their address, social security numbers, bank account information, DOB, mother's maiden name, etc. That would be great, thanks.

Much sincere,

Prince Sharman M'ubuto

Posted by: Nigeria | January 12, 2007 9:28 AM

The "brick and mortar" example cited by Random Guy does not apply here. The shopper who was scammed did not realize that she was going out the back door. She thought all along that the transaction remained on ebay.

I do lots of Internet shopping, but I have not used ebay. This is mostly because of all the scam stories that I have heard, and also because I would like to simply enter my credit card info and not provide lots of other information, like my bank account number. The more information you put in one place, the higher the likelihood that someone can steal it.

Posted by: gaithersburg | January 12, 2007 9:35 AM

I'll have to agree with Random Guy and Prince M'ubuto: Let the buyer beware. The warning flags were all there. Why did they ignore them and then blame eBay? I'm a Depression glass and yard sale junkie and since eBay I've been able to find a lot of good stuff.

BTW, Prince, the money is on the way to your account. Mom's maiden name was Jones. To verify, call 1-800-GOTCHA.

Posted by: Loves eBay | January 12, 2007 9:37 AM

Lester Burnham,

If you use the Internet you need to know the safety features.

Under your logic people don't have to know about the safety features on their car because they only want to go to the store to pick up some milk.

Posted by: Radioactive Sushi | January 12, 2007 9:37 AM

Ummmm, guys, the proper analogy is NOT someone buying a $20 fake rolex in the back alley behind the store. Rather, it's someone sneaking an extra display case alongside the cases of real rolexes, and convincing an unwitting customer that the fake ones are also real.

I bet none of you critics have ever gone and taken a look at just how good and convincing some of these knock-offs can be- and they are getting better all of the time.

And yes, I do think that eBay bears some responsibility for policing this junk up. After all, in the brick-and-mortar world, if somebody opens up a fast-food place and calls it 'McDonald's'- when it isn't- you better believe that the real company is all over that. So why would- or should- eBay be any different? After all, it's in their own self-interest. The more people that get burned (and the more resultant bad press), the bigger the financial hit eBay begins to take as people search elsewhere.

I have to admit, I was a frequent eBayer back in the good old days, and that has died off almost entirely as things have gone downhill with them. Nowadays, I refuse to purchase anything of more than nominal value from eBay (I figure if it's less than $20, oh well if I get screwed). The big ticket items? I stick with companies with solid reputations.

Posted by: Castor | January 12, 2007 9:39 AM

I had been a seller & buyer on Ebay for 5 years. Unfortunately, the people fell to an "email phishing" scam. This is not ebay/paypal's fault directly.
However, they use an archaic IT system for their auction web site. It is bases on IT tech from 1993. Full of security leaks and holes.
Quite honestly, Ebay is very hard on the non-commercial seller in terms of cost. Paypal is just ebay extended. Very expensive for sellers and the security is suspect. The writer could do a separate article on this.

Posted by: Budbear_5000 | January 12, 2007 9:40 AM

In just the last two days I have received an email purported to be from my bank asking me to update my account. I have always been weary of receiving such mail but it looked just like the email notices that I usually receive from my bank. I hit the link and only then became supicious. I got out of there quickly changed my pass codes and contacted my bank. My bank asked me to forward the mail to them which I did. Apparently it was a false site made to look exactly like my banks website.

Posted by: Teri | January 12, 2007 9:42 AM

"If you use the Internet you need to know the safety features.

Under your logic people don't have to know about the safety features on their car because they only want to go to the store to pick up some milk."

RS...except for (most) seat belts, safety features in automobiles are passive and built directly into the vehicle. Why do you think that is?

Do I believe that EVERYONE using the Internet should fully understand the risks on the Internet? Absolutely, but how do you propose keeping 100+ million users up to date on every threat and scam on the WWW? Do you penalize people for using an inferior browser like IE or an inferior OS like Windows XP instead of Firefox and Mac OS X?

By now, I think that most people should be aware of the Nigerian 419 scam and banks that you do not do business with asking you to update your account records? But thinking that the average user is going to fully comprehend site redirects and other nefarious schemes is wholly unrealistic.

Posted by: Lester Burnham | January 12, 2007 9:54 AM

I agree with gaithersburg, Random Guy's analogy does not apply. The back door existed because of a security hole in ebay's site. I always look out for red flags, but I never knew you could be redirected to a third party site by clicking on ebay's listings. I agree the couple mentioned had other red flags (eg. western union). However ebay needs to do a better job fixing their security holes and informing their customers about it.

Posted by: wg | January 12, 2007 9:54 AM

The classic case of caveat emptor. Legitimate e-Bay sellers accept credit cards. Would you give an envelope full of cash to a back alley discounter you never met? Probably not, so why do it via Western Union with an internet sharpie you never met? Bargains that are too good to be true always are.

Posted by: Steve | January 12, 2007 10:06 AM

I disagree that the redirect is a "hole" in ebay security. Any clickable link, anywhere on the Internet can be spoofed to send a user someplace else, either by something on the website or by something latently placed in the user's browser. So maybe this buyer did not know she was going out a back door, but she did go out. So what is eBay to do?

wg, Lester, suppose you are eBay. Consider them. What do you propose they do? They cannot track redirected traffic after one click. (e.g., they can see people go out the back door, but not where they go or what they do after that.) How do you propose eBay respond, other than what they do presently, which is to say, "always look for the HTTPS (lock) and try never to operate outside our site's auction facility (back door).

Exactly what does this "do a better job of preventing their sites from becoming a haven for criminals" consist of, and please give a brick-and-mortar example where you hold Target to the same standard.

Thanks.

Posted by: Random Guy | January 12, 2007 10:09 AM

Random Guy, I agree that, after the fact, there is nothing ebay can do (especially in this scenario). However, I never expected that when I click on a item in ebay's own search listing, that I could be redirected to third party site. (See the redirect article Annys posted). What I'm saying is ebay failed to inform customers of this type of redirect. Unless you provide me with an announcement from ebay, I'll recant in holding them somewhat accountable.

Posted by: wg | January 12, 2007 10:26 AM

Random Guy- here's a good example in the brick-and-mortar world.

If I walk into a McDonald's, I expect it to be a McDonald's, not something fake, that just has the sign out front. However, if they do a good enough job on the decor, I am probably going to be convinced that I am in McDonald's, even though I'm not.

Now, in this case, I can give a 1000000% guarantee that, the moment they find out about it, McDonald's (the real one) is going to be shutting down the fake place almost faster than you can blink.

And that's kinda the deal with websites, whether or not corporations want to agree with that or not. One of my banks, for example, has regular spoof sites made of it, and phishing scams run to try to steal account info. And- my bank very vigorously pursues and shuts down these spoofs as quickly as they can.

So, why should eBay be any different? I think they are even more culpable, since the fake sites can apparently be accessed from links on the real site.

Posted by: Castor | January 12, 2007 10:27 AM

In the last year I have collected over 135 emails from various locations that ask me to "Click here" to receive my $500.00 gift card. Store cards, bank cards, you name it. I haven't clicked yet because of the old adage "There is no such thing as a free lunch". My wife has bought/sold via ebay for the last five years and the only problem she has had is with buyers claiming they didn't receive their merchandise. Since she ships with return receipt requested we have sent copies of the signed receipts to ebay and she has kept a spotless record with them. And a few buyers have been identified as scam artists too.

As far as the previous posts concerning the mindset of the average internet user, the best advise I would have to give is what I call

"Simple rule #1 for computers:

You need to be smarter than the machine to use it."

Posted by: SoMD | January 12, 2007 10:36 AM

One more note, whenever I do online transactions, I try make sure the link belongs to institution or merchant I'm doing business with. However it's almost impossible to be 100% certain. For example with the citibank site, if I want to login to my credit card account from their home page I get redirected from citibank to web-da-us-citibank to citicards to accountonline. How am I to know these are all legitimate Citibank urls? In my opinion, like castor above says, corporations need to be more aggressive in shutting down scam sites.

Posted by: wg | January 12, 2007 10:38 AM

Lester Burnham,

Breaks are safety features, seat belts are safety features. If you don't use them, you end up in bad situations.

If you don't use safety features like verifying the web link or verifying the source of an email, which security firms and web developers have been telling consumers for many years to do, then you and you alone are responsible for the trouble you cause.

Scammers are coming up with new ways to get what they want from you. Social engineering is the way they got around safety features. The just ask you provide them the information. In that case, victims are real victims. Nice people getting scammed by bad people just because they are nice.

I hardly compare these people to people who fail to use safety features companies and security firms have been screaming about to customers for years.

This has nothing to do with operating systems and web browsers. It has to do with knowing what you are getting into, assessing the situation, running if you suspect bad things and knowing signs are not inline with the norm, also known as "e-fight or e-flight".

We have all gotten scammed somehow at sometime. If you don't learn and heed the warnings, all you can do is hope for the best. If you blame someone else for your bad judgments then the only thing you are doing is not taking responsibility for something you were responsible for.

Posted by: Radioactive Sushi | January 12, 2007 10:41 AM

Castor, I totally agree that it is eBay's best interest to pursue the scammers and shut down their fake/spoof sites. But 2 things jump out at me, and I am not sure that most people have considered them:

1) McDonald's corporate employees would not get in their cars and drive over to the fake McDonald's to shut it down. Given the nature of the issue they couldn't even use regular cops. They would need either State Troopers serving the State Atty General or US Marshals pursuing a Federal injunction or something similar. This is not consistent with the notion that the eBay people should be personally involved in working these cases.

2) The brick-and-mortar US Marshals-go-shut-them-down example implies that McD's lawyers would have been working on this issue for sometime, implying the fake McD's would have been in business long enough to observe and build a case against.

This is not the same in Internet-land, as a crook is just as likely to host his spoof page on the server of some totally innocent company as to put it anywhere else. It is extremely unlikely that this crook has put all his spoof places on the server in his basement.

So the FBI or the Marshals go drive up to the place where the IP address says the server lives and lo-and-behold, it's your door they knock on, because the crooks put the host page on your machine, where your daughter disabled Windows Firewall so she could run around on MySpace without you tracking her.

Posted by: Random Guy | January 12, 2007 10:42 AM

Meant to end that last post by pointing out that these spoof pages may be hidden in these innocent servers for only a limited time (3-4 days?) then deleted, so the FBI then has to do all this forensic IT work on the innocent company's servers, potentially costing them efficiencies, to track down a potentially smaller amount of money lost by an unrelated citizen.

Posted by: Random Guy | January 12, 2007 10:54 AM

a few years ago, i was searching for a gift for my aunt on ebay. the next day when i checked my bank account, i found a bogus paypal withdrawal for an ebay purchase. i went to paypal and found out that my password had been changed there and on my ebay account. i tried to check my email, but the password had been changed there as well. i contacted ebay, and i reported the fraud. they were able to restore my account, and i immediately changed my password to something a lot more difficult to figure out for a hacker. i contacted paypal and filled out a fraud report. i got my money back within a few weeks.

i contacted the seller of the item, and i let them know that they were also the victims of fraud. they forwarded the buyer's info to me. i closed my bank account and i put a fraud alert on my credit file with all 3 agencies. i contacted the buyer's isp and i let them know that someone was using their lines to commit fraud. i contacted yahoo to try to restore my account, but since i didn't remember the security questions i used when i set up the account, they wouldn't give me access. so i had them block all access to the account.

i was behind a firewall and all of my computer security was up to date. the only way the thief could have gotten my info was through ebay because i used three different email accounts for transactions conducted through ebay and paypal, and the perp managed to hit all three. i'm now leery of buying things on ebay, and i check my accounts to make sure no unauthorized transactions appear anywhere.

and do you want to know what the idiot tried to buy with my account? gold for a freaking online video game!! so i also contacted said game, but i don't know what actions they took. they probably banned his account, but it's not like it's hard to set up a new account. i'm also bitter toward the game, and i vow that i will never play it no matter how boring my other online games get.

Posted by: lee | January 12, 2007 11:09 AM

I disagree with the poster who compared this transaction to one where someone hypothetically goes into Target, meets someone and travels to the parking lot to buy something from them, gets scammed and wants to hold Target accountable.

Let me offer the following hypothetical that I believe is more akin, in the "brick and mortar" analogy. If you went into Target, saw a person in a Red polo with a Target name tag holding an item and told you the price was "X", and you agree to purchase it. You are taken down a hallway to an office where another person in a Red shirt says he's the Target assistant manager, and that these items are not rung up at the cash register, but are done via written receipt. You hand over your cash and leave with an item, and find out you got scammed. You go back to Target who says, we don't know those men and they do not work for us, and once you go down that hallway you have left the store, so that's not even our office.

Sure, this is a little far fetched, but this is what happened. Someone posed as ebay and directed this woman directly off of the ebay site without her knowledge. Someone else posed as an employee of ebay and completed the fraud. The whole time she thought she was dealing with ebay and the transaction originated on ebay. That's far cry from meeting someone in a Target, or perhaps on ebay, and say working a "separate" deal with them, which is what this person posed.

Does ebay bear some responsibility in the matter, as to that I'm unsure. I certainly believe they have a moral obligation to at least assist her in any way that they can, which is clear they have neglected to do. Ebay has made a pattern of dealing in a very lacadazical way with scam artists, I fully believe its part of their business model. I have personally reported things to them that were obviously fradulent (i.e. autographs dated after the sports hero DIED!) and they have done nothing.

I would never pay for ANYTHING on ebay in any other way than with a credit card. And I have been scammed once or twice using my credit card, and I don't even bother trying to go through ebay, because I know they feel it is not in their business interests to assist me (same goes for Paypal), I just go straight to the credit card and dispute the charge. Sure I get nasty pre-form emails from ebay or Paypal saying that this was "unecessary" and that ebay and Paypal are looking out for me and next time I should go through them, but the reality is they just want to tie you up long enough that when they say, sorry can't help, the time has passed for you to be able to sucessfully dispute the charge with your credit card issuer.

Posted by: Josh | January 12, 2007 11:46 AM

Josh, your missing the point. It's her responsibility to know where she is. The site may look the same, but the address is clearly different. Your Target analogy is a social engineering tactic, not a redirection scam.

eBay is a vehicle for sellers to sell things. They are not the seller and not responsible for what the seller sell. If you buy it before you check it out, shame on you.

Posted by: John | January 12, 2007 11:59 AM

Annys, your writeup is missing a critical piece of information - how exactly did the victims get the link to the Buy-it-Now page on eBay? If they actually went to eBay, the real eBay site, and bid on the item there, they would have legitimately bought the item and there would of course be a record of them being a bidder (and eBay would have sent them the usual "winner" e-mail). Clearly, these people were victims of phishing - they must have clicked on a link to an auction within the e-mail the scammer sent them, that wasn't actually going to the eBay site.

If that's the case, then eBay is not at fault - no more than Citibank or Suntrust or any of the other banks that phishers use to try to gain personal information. If you click on a link from a "Suntrust" e-mail, thinking it's legit, and the personal information you enter is used for nefarious purposes, is it Suntrust's fault? No. So why is it eBay's fault in this circumstance?

Posted by: R | January 12, 2007 12:08 PM

OK so the average Ebayer isnt a tech guru - but they DONT NEED TO BE!! Ebay rules SPECIFICALLY FORBID WESTERN UNION PAYMENTS! The buyers violate the rules then expect Ebay to use the SAME RULES THEY VIOLATED to make everything OK? I think NOT!

And what about feedback? Did they check the seller out (good rating, length of time on Ebay, types of products they usually sell?) before getting into a big dollar transaction? I'm guessing no!

Posted by: tunatofu | January 12, 2007 12:22 PM

Oh and while Ebay can and will give you the name of the person who posted the original listing, in all likelihood, that ISNT the person you sent your money to. Scammers routinely contact the bidders of LEGITIMATE listings and divert them from the REAL auction with side deals by posing as the seller. It is a type of virtual identity theft if you will. I would like to know how many other things these buyers have bought on Ebay and how long they have been members. I also wonder how much comparison and research they did before deciding that this was a bargain and plunking down a large chunk of change (you in turn would be shocked at how much research and comparison I do to buy a $28 sweater on Ebay, let alone a $2800 ATV)

In case you were wondering, I have bought over FIFTEEN HUNDRED items on Ebay including FOUR cars. Less than a handful of problems in 8 years.

Posted by: tunatofu | January 12, 2007 12:33 PM

I agree with R and that's what I've been thinking as I read all this. It's not clear from the article if they were on e-bay's own website and were redirected from a link on that site, or if they clicked on a link from an e-mail they got from the purported seller. If it was the former, then yes, I think it is e-bay's responsibility to make sure that links within their own website do not send you to fraudulent e-bay sites. If it was the latter, then they fell for what is becoming the oldest trick in the book - clicking on a fake e-bay link in an e-mail - and that is their fault.

Posted by: Rosslyn | January 12, 2007 1:01 PM

Personal responsibility is a must. If you are going to engage in any behavior whether ice fishing, shopping online, or starting a business you need to know the risks.

In my mind eBay could have been more helpful but didn't need to be.

What's lost here is that the buyer tried to get a extra sweet deal for herself. Keep that in mind . . .she tried to cut eBay out of the transaction knowingly or not.

Posted by: Smart Guy | January 12, 2007 1:09 PM

In the article it clearly states that the couple were browsing eBay and came across a listing for an ATV. They sent an email THROUGH eBay asking the seller questions about the item. I've done this many times myself. The seller responded to them and offered a BIN price, which the buyers agreed to. This is also common, and completely within eBay's rules. I assumed that the buyers had saved the listing in the "Watch This Item" feature of eBay and then went back there, pulled up the listing and purchased the item. The only thing they did wrong was to pay via Western Union, which is the equivalent of sending cash to someone. So eBay DOES, in my opinion, have some responsibility since the item was purchased through their web site. How could the buyers have EVER known they were being redirected?? Again, they should not have used Western Union, but given their recent bad experience with PayPal it's not suprising. eBay should offer some assistance...

Posted by: shl | January 12, 2007 1:10 PM

"I do think that eBay bears some responsibility for policing this junk up."

eBay DOES take responsibility! They try very hard to help people avoid scams. However, there is a sucker born every minute and plenty of people out there are using the Internet with eyes wide shut to all the dangers and red flags. As many have noted, there were plenty of red flags that should have warned the buyers off, and yet they moved forward -- even being so dumb as to WIRE CASH! Isn't that the first rule of what not to do regarding Internet purchases.

Who hasn't heard of the Nigerian Scam? If you're an adult over 21 with Internet access, then it's ultimately YOUR responsibility to protect yourself. Responsible sites like eBay make a great effort, but they can't hold the hands of every user out there who just clicks away cluelessly.

Anyone who hasn't heard that your bank WILL NOT contact you via the Internet and ask you for to "update your information", I am telling you now. It's always a scam -- don't even open these e-mails.

Posted by: Julie | January 12, 2007 1:16 PM

How to know you've been redirected? As Radioactive Sushi pointed out: look for "https" and the little yellow lock. Scammers may find a way to duplicate those signs that you're on a secure site, but for now, spread the word.

I don't even have a computer in my home and I know this basic information. I have a reasonable amount of suspicion. I have read countless articles about protecting my identitity and financial information. In this day and age, it's still Buyer Beware. If you don't feel you can learn how to safely use the Internet and then expect that web companies will protect you, then just don't use it.

Posted by: Samo | January 12, 2007 1:21 PM

Tunatofu -- excellent points. Researching the seller is too damn easy NOT to do it. We have purchased computers, large screen tv's, jewelry, clothing etc -- we researched cars, but didn't purchase because we got a better deal in town.

Posted by: Columbia MO | January 12, 2007 1:27 PM

Another clue on Redirects = Understand what a URL is.

Look at the address field on your browser right now. "washingtonpost.com" is the domain you are in. WaPo owns the whole domain. The "blog." part means you are in a certain sub-area of their domain.

"blog.washington-post.com" is not the same site. "blogwashingtonpost.com" is not the same site. etc.

I went back and looked in my email account for a phishing email for a sample. I have an email from "tech@ebay.management585.com" asking me to click through and enter a bunch of personal information. This is a blatantly obvious forgery. eBay would never contact me from a domain called "management585.com", and I'd be silly to think they would. Even though it has a bunch of graphics that look like eBay's and it uses the right font, etc.

I know most of you know this, but some seem to be confused about how much knowledge a "normal" internet user should have. IMHO, you type in URLs to get around the internet, so you should know what they mean. No one would argue that you should use a phone without knowing what an "area code" is.

Posted by: Random Guy | January 12, 2007 1:34 PM

I would think that it would be in eBay's best interest to take the side of the customer, go after the perpetrators, and make the site more secure than for eBay to alienate this customer for life. Surely e-bay doesn't want to limit its customer base to only the tech-savvy. I have made a few purchases on eBay before with no problems, but knowing that even if I am very careful, that I could be directed off-site and scammed and eBay will not care, makes me weary of using their site in the future. And I do consider myself to be tech-savvy and knowledgeable about internet scams.

Posted by: Stephanie | January 12, 2007 1:36 PM

eBay does go after scammers who use their site. They don't go after scammers who don't use their site. If it's a starting point but no bad transaction took place during that phase, eBay is in the clear. Once the transaction leaves eBay, it's no longer their problem.

eBay does protect users of their site, but if the user ventures off the site, it's the users responsibility.

Julie, Random Guy and Samo all make good points.

Knowing where you are, what you are doing and the potential risks all play a major factor in keeping yourself safe.

Is AOL responsible for a 40 year old man using their chat software to proposition young boys? Not at all. They WILL help agents track down that person, but they retain no responsibility for the persons actions.

The Internet is not babysat by commercial websites. The user is. That is what makes it a free medium.

Posted by: Radioactive Sushi | January 12, 2007 1:54 PM

I get emails all the time from "ebay", as well as "bank of america" (where I currently bank) and other banks too. First of all, they usually come to the wrong email address - ebay has one of my addresses, and BofA has another. So when the ebay ones come to say my gmail account, I know that it's not a real message from them, since that's not the email address listed for my account. Same with BofA. When the emails do come to the right accounts, I noticed that if you mouse over the link (without clicking on it, of course) you can see the web address at the bottom of your screen. That will show you that it's not going to take you to ebay.com, but to some fake site.

Posted by: Hokie | January 12, 2007 1:57 PM

There is a link on the eBay website that lets you report suspicious activity to eBay. They'll take it from there. I once got an email message from 'eBay' asking for my account information. A red flag went up in my brain, so I forwarded it to the legitimate eBay website. If you have any suspicions whatsoever, send the message or transaction (before you pay) to that link.

Posted by: Loves eBay | January 12, 2007 1:59 PM

Random Guy Says - [blog.washington-post.com" is not the same site. "blogwashingtonpost.com" is not the same site. etc.]

Most cases phishing urls are easy to spot. However, I don't like it when legitimate sites don't use the same domain in their url. For example the citibank urls for their credit card accounts are accountonline.com. Just from the url, you can't tell if it's a citibank site. I only know it is because it was listed in one of their FAQs.

Posted by: wg | January 12, 2007 2:00 PM

"For example the citibank urls for their credit card accounts are accountonline.com. Just from the url, you can't tell if it's a citibank site. I only know it is because it was listed in one of their FAQs"

This is a case where you look for the security notification in the web browser or on the site.

And no, these security features cannot be duplicated. They are registered commercial secure sites. The https is hard to come by. Anyone getting one is tracked and verified. Same thing with sites that use Verisign.

But the golden rule is of you are not sure, call the bank (Not the 800 number in the site). Use one off a hard copy from a bill or statement.

Posted by: Radioactive Sushi | January 12, 2007 2:16 PM

wg, you raise a good point. As a skeptic, I never do business with these places with the exception of Government (e.g., most government entities make you go through a third party to pay your tax online).

With the exception of Government, if an online business cant spring for $70 for an SSL (security-https) certificate and accept credit cards thru their site, they don't want my business bad enough.

Bank of America has gone through a zillion upgrades but really has a good site now. If Citigroup can't be bothered to modernize their banking side (their smithbarney/citigroup investment stuff is very modern) you may want to be pessimistic about where else they cut corners in their technology.

Posted by: Random Guy | January 12, 2007 2:21 PM

eBay isn't to blame for this. They've said, and placed on every support board they have, to NEVER click on a link provided by email. Go to ebay.com and put in the auction number and look for it that way. eBay and PayPal phishing emails have been going on for years, so I'm not sure why Annys is so surprised at how good they look. When in doubt, send it to spoof@ebay.com and let them figure out if it's real.

Also, the safest method to buy anything on eBay is ALWAYS PayPal with a credit card funding the transaction. That way if something goes wrong, you can fight it through PayPal AND via a chargeback. eBay's been very vocal about Western Union being a tool for fraud - that's why it's blocked as a payment method.

Could eBay do more to prevent fraud? Sure. Is this specific case their fault? No.

Posted by: Maryland | January 12, 2007 2:56 PM

After reading the posts, I still think Random Guy is right on. No one was faked out by a "jewely case" or a "false McDonalds". The the turkeys who were taken went off on their own thinking they could make a deal. The article decribes a classic off ebay transaction. Using the ebay system, YOU NEVER EVER negotiate directly with a buyer or seller, unless you have some serious stones. Once you negotiate directly with a buyer or seller, ebay clearly stipulates that it is no longer an ebay transaction. Also, you don't get a notice from "Melvin" when you win the auction, you get a notice from ebay. You then separately log onto your account to double check. Common sense. This stuff is not rocket science.

Posted by: mi-ti-bear | January 12, 2007 3:59 PM

Whether or not eBay is responsible in this particular situation is really beside the point. From a pure PR perspective they should do all they can to minimize fraud on their website. The fact that this woman's story made it to press and in turn has generated dozens of comments is proof that people care about this stuff and pay attention to it. How many people reading this article are not going to ever use eBay just because they don't want to risk the hassle of having to get new email accounts and bank accounts and monitor their credit for fraud for a year just because they tried to buy some $40 beer stein on eBay? I think lots - and I'm one of them. Why would I use a site that apparently does little to prevent fraud on its website and then hides behind caveats in its user agreement when problems inevitably arise? While they may have a legal defense, is the overall loss of business worth the short term gain of not covering a particular fraud? You'd think a site devoted to internet auctions would be falling over itself trying to make it as secure as possible, rather than relying on the old "Buyer beware" saw and just assuming that people need the site so much they'll use it anyway.

Posted by: D.C. | January 12, 2007 3:59 PM

After reading the posts, I still think Random Guy is right on. No one was faked out by a "jewely case" or a "false McDonalds". The the turkeys who were taken went off on their own thinking they could make a deal. The article decribes a classic off ebay transaction. Using the ebay system, YOU NEVER EVER negotiate directly with a buyer or seller, unless you have some serious stones. Once you negotiate directly with a buyer or seller, ebay clearly stipulates that it is no longer an ebay transaction. Also, you don't get a notice from "Melvin" when you win the auction, you get a notice from ebay. You then separately log onto your account to double check. Common sense. This stuff is not rocket science.

Posted by: mi-ti-bear | January 12, 2007 3:59 PM

"I know most of you know this, but some seem to be confused about how much knowledge a "normal" internet user should have. IMHO, you type in URLs to get around the internet, so you should know what they mean."

OK, everyone raise their hand who does NOT know (or really care) what a URL is. All right then. For the 95% of you web users with a hand up you are now banished from the internet until you get some basic technical knowledge. We will wait for you here while enjoying lots of extra bandwidth.

Random Guy, I get your point, but I think that it is both a naive and arrogant position. How do you propose that people find this information? What is the body of knowledge look like? Should it be available from a website? Maybe every ISP can require a competency test before allowing people to surf the web.

Posted by: Lester Burnham | January 12, 2007 4:12 PM

This is what Annys says:

1. Through eBay, the couple sent an e-mail inquiring about the ATV.

2. The Grahams thought it was a good deal, went back on eBay and clicked on the Buy-It-Now button.

From this it appears the transaction took place within ebay and not directly with the buyer, so I don't understand why ebay wouldn't help. The only defense ebay has is the use of western union.

Posted by: ponder | January 12, 2007 4:20 PM

I agree to some extent with DC. I agree that ebay would get more business with a more agressive approach to protecting customers from fraud. However, many have found ebay to be a effective and powerful tool and are comfortable using it. I take issue with those who blame the tool for their own shortcomings. Sort of like ladders, sharp knives, and power mowers. Some people can use them well and safely while other people should stay away from them.

Posted by: mi-ti-bear | January 12, 2007 4:21 PM

I don't mean to sound arrogant, but how did these folks find out what a phone number is comprised of, to continue that metaphor. There's an area code, a local exchange and the last 4. How do we know that?

This information is not hard to find. I googled URL.

http://www.webopedia.com/TERM/U/URL.html

And to be honest, when you say "OK, everyone raise their hand who does NOT know (or really care) what a URL is".

If you are "moving money" on the Internet, but you don't care what the Internet is comprised of, who is shrugging responsibility? Is it really eBay?

Posted by: Random Guy | January 12, 2007 4:26 PM

I meant to say:

And to be honest, when you say "OK, everyone raise their hand who does NOT know (or really care) what a URL is" you really sound arrogant too.

Posted by: Random Guy | January 12, 2007 4:27 PM

However, if the tool has flaws (ladder with bad rung, bad knife handle, a mower that catches fire), one can still get hurt no matter safely they use it.

Posted by: ponder | January 12, 2007 4:31 PM

Ponder - Read the article. The buyers didn't click a "Buy it now" button on the original listing. They agreed upon a price with "Melvin" who said he would relist it as a "Buy it Now" at the "great price" they agreed to. The off ebay negotiation and relisting is a circumvention of the ebay auction process. Pertinent section of the article pasted below:

"Through eBay, the couple sent an e-mail inquiring about the ATV. Melvin wrote back offering the ATV for $2800 including shipping and handling. If they agreed to his terms, he said he would relist the item on eBay with a "Buy-It-Now" option.

The Grahams thought it was a good deal, went back on eBay and clicked on the Buy-It-Now button. Soon, they received an e-mail from Melvin confirming their "winning bid" payment instructions that looked like they were from eBay."

Posted by: mi-ti-bear | January 12, 2007 4:34 PM

I make all kinds of money using eBay and I never buy or sell anything using their auctions or using PayPal. I buy their stock when it is priced low and sell it when it goes up. It is easy to make money on EBay without getting scammed.

Posted by: thw2006 | January 12, 2007 4:34 PM

To all of the people claiming that there were dozens of red flags, could you please be more specific? While I don't feel sorry for the victims of nigerian fraud because this and other "popular" scams have been widely publicized, I have never heard that you can go on Ebay, click on 'buy now' button and be redirected to another site. Instead of rolling your eyes (virtually, of course), some specific advice would be much more apropo.

Posted by: Elle | January 12, 2007 4:34 PM

I have the same question as elle. Is it possible to be on the real ebay, click BIN, and be redirected off ebay?

Posted by: mi-ti-bear | January 12, 2007 4:54 PM

mi-ti-bear, but is that against ebay policy? The only thing i was aware of is the following:

Offers to buy or sell listed items "outside" of the eBay site are not permitted. Offers of this nature are a potential fraud risk for both buyers and sellers and circumvent eBay's fees.

However in this case the item was listed and the transaction took place within ebay.

Posted by: Anonymous | January 12, 2007 4:55 PM

"I don't mean to sound arrogant, but how did these folks find out what a phone number is comprised of, to continue that metaphor. There's an area code, a local exchange and the last 4. How do we know that?"

Random Guy, do you really believe that people think of a telephone number as more than a 10 digit string? Sure, there is a context to each component, but long gone are the days when people simply dialed (on a rotary phone) PLeasant 7-5012 and knew EXACTLY what part of town they were calling. Area codes used to be simple when everyone knew 212, 202, 301 and 703, but who can remember (or really care) where 772 or 928 belong?

I did not suggest that a definition for "URL" was not available, but what percentage of casual internet users (and I think that this is the principal group) even know what a wiki is?

To use a different analogy, how much do I need to know about yeast before I bake a loaf of bread? Do I really need to know how water temperature affects yeast, or simply that hot water will kill it? Do I need to understand the chemical properties of a can of paint while shopping at Home Depot?

I consider myself fairly literate with regard to technology, yet I still consider most of it FM (f'ing magic). I am not suggesting that internet users bear absolutely no responsibility for their safety on the web, but I also think that it is disingenuous to think that everyone is as smart and capable as you.

Posted by: Anonymous | January 12, 2007 5:06 PM

mi-ti-bear: read the article again. It's kinda confusing, but according to what is written, they DID click a buy-it-now link at what they at least thought was eBay. So I would rate them as being at least halfway cautious.

I consider myself extremely internet savvy, and take all steps to cover myself, including looking at urls, the lock, never clicking through a link from an e-mail, etc. BUT, I also have taken numerous of those "spot the phishing site" tests, and there have been enough of those that I didn't catch.

Ultimately, I think, whether or not eBay is liable for this case (and, if someone clicked a link from their actual page, then I do think that they are liable. Bank analogy here- if I am on my bank's legitimate site, I don't expect any link from them to redirect me to a phishing site.), but the P.R. issue is paramount.

I have done multiple thousands of dollars in online transactions over the last 8 years or so. Haven't been burned yet. BUT, I also have avoided using eBay for about the past 3-4 years, except for very small items (under $20-30), which I can afford to lose in a fraud. This is, quite simply, because of their poor reputation both with fraud, and their handling of it.

So, how much money is eBay losing, from customers like me, who are paying higher prices elsewhere just to avoid fraud? At some point, legally liable or not, eBay has to begin recognizing that they have a serious customer-relations issue, and deal with it accordingly. If they don't, they will eventually fail, as people migrate to more trusted systems. The only reason that they haven't yet failed is a lack of direct alternatives.

Posted by: Castor | January 12, 2007 9:49 PM

Glad I checked on Saturday. A couple of comments...

Castor, I think that eBay may be missing an opportunity with customers like yourself, who would be more inclined to purchase there if they thought it was safer. But, I don't know how large a number that is. Every year their revenue goes up, so they're probably seeing everything as "half-full" anyway.

(Editorial - I just googled "eBay Scams" and I am alarmed at how many hucksters are trying to sell reports on how to avoid scams. I think this is a scam in itself!)

Ellie and others, here is a great PCMag article on how to spot Phishing on eBay. Best one I've read: http://www.pcmag.com/article2/0,4149,1384423,00.asp

Castor and Ellie, redirects away from an "official" eBay link to a fake site would be rare. But here's an example that is not -- a Seller Link. Lets say I list an ATV on eBay. You look at it and I have a link that says (for more info on my ATV click here for pictures). Okay you click there and you get pulled into a site that is obviously different, and it has lots of pics. At the bottom it says (click here to go back to eBay). Well, instead of hitting your back button ensuring the browser puts you back where you came from, you hit my dishonest link, which pulls you to a site that looks like eBay and isn't, and you proceed to "BUY-IT-NOW" there on this fake site, inadvertantly giving them all your info.

That can happen very easily. Anyone can put a link in their item listing to take people off the real eBay site. I have done it myself, to link back to the manufacturer's listing on the thing I was selling, so people can see what it costs when new. Crooks and cheats may misuse this function. In my opinion, it would be bad for eBay to disable the external link function, because it's extremely useful. It does not seem reasonable to hold eBay accountable for misuse of this feature.

To Lester and others indicating that too much technical knowledge may be necessary to always know how to protect yourself in cyberspace....well...I am honestly unsure how to address that. I am not sure (a) we (society) could make it a goal to train everybody/most people or that (b) there wouldn't still be people who wanted to feel "safe" in cyberspace but still had no training.

But the other half of that equation is still that we need to consider whether eBay is truly responsible for the fraud. Why stop at eBay? Is it Microsoft because browsers are easily hacked into? Is it Dell because all hardware does not (yet) require biological authentication (fingerprint) for login?

Having worked all my life in tech I don't see an easy answer, and I think that the consumer public is holding eBay to an impossible standard here. I had a guy approach me in Tyson's Corner Mall during the Xmas season, offering to sell me jewelery cheap. Of course I turned him down. But if I didn't and he scammed me, I shouldn't try to hold Tyson's accountable.

Posted by: Random Guy | January 13, 2007 2:05 PM

Teri, you might also want to clean your computer of viruses or malicious programs. The reason? Often those spoof email links also contain code to install stuff you don't want on your computer. Antivirus programs don't always catch it.

Posted by: CyanSquirrel | January 13, 2007 9:27 PM

Scammers have been defrauding people through snail-mail and the telephone for as long as those technologies have existed. Would you say that a postal mail user bears no responsibility for knowing what mail fraud looks like? Would you give your credit card number out over the phone? If you use a method of communication, it's your responsibility to learn the risks of that method. Just because the Internet is a new technology doesn't mean that people aren't responsible for learning the risks before they start using it.

Posted by: Anonymous | January 14, 2007 3:07 PM

This is not ebays fault.

LESSON TO BE LEARNED:
If something looks too good to be true, it probably is.

A 2005 Kawasaki Mule with a plow for $2800? Are you kidding me? That's a +$7000 utility vehicle! That just SCREAMS scam.

Posted by: Bill Ebay | January 15, 2007 8:43 AM

Random Guy- Interesting info, and thanks for a walk-through on the external links bit. And I think where eBay has a unique problem is that it is a new form of selling- user-to-user. That worked okay back in the days of garage sales, when buyer and seller are face-to-face, directly handling the merchandise and cash.

But now, with it being all online, there are some big differences.

If I might humbly advise eBay, I would suggest an insurance deal- to whit, eBay would charge sellers an additional fee on items with a value of, say, greater than $50, to cover insurance on the purchase. Then, depending on the end purchase price, the buyer would pay a few extra dollars to cover insurance on the full amount of the purchase.

This way, everyone wins. The scammers would have to put more money upfront, making the scam less enticing. The buyers would have their money protected (and people like me might just go out and buy that $500 item again, knowing that I will end up with either the item, or my $500 back, maybe losing $5 in the process). And, most importantly, eBay would be taking a proactive approach to the sales (heck, this would also increase revenue, and allow them to require, say, PayPal as the payment system which comes with insurance- disallowing any other transactions, helping their revenue in that sector as well).

Posted by: Castor Troy | January 15, 2007 11:54 AM

Ebay is very good about sending messages to their members about how to avoid being spoofed or scammed. One of the best things people can do rather than click on the links in their email (especially ones from "ebay" or "paypal" asking to verify passwords or credit card information) is to type the url directly into their browser. Once they do that and log into their account they'll be able to see that no request to change passwords or verify account info was made. Also if you type in http://www.paypal.com into your address bar, then the http will become https automatically. This virtually eliminates the chance of clicking on a spoof link since you entered the address for yourself. (For ebay, just type in https://signin.ebay.com)

And the statements above are so true about ebay not supporting Western Union transactions and transactions outside of ebay. The scammed party also should have known something was up when the scammer said they woule RELIST the item with BIN. All they had to do was edit the listing, not relist it. Always check feedback, ask if they have any other registered ebay ids, and for high dollar transacations (paypal defines high dollar amounts as over $500) ask for the contact information of someone they have previously sold to. And be VERY wary of someone selling a high dollar item and they have no feedback or are a new seller. That usually spells trouble. If they say "lets do escrow" then go the other way as well (that's for if you are selling the item)

Posted by: Nicole T. | January 15, 2007 12:07 PM

There seems to be some debate over analogies here. It is unfortunate that people get taken. However, as a rule, you never, ever click on links in e-mails. You sign into eBay (or Amazon, or Overstock) and can handle the entire transaction from beginning to end on the website.

E-mails, tragically, can be faked. Unless you're very skilled, they can be next to impossible to detect. However, typing in www.ebay.com or any other URL is a sure way to control the transaction from beginning to end.

I feel bad for the person above. It's not fun to get scammed. But eBay had nothing to do with this. The scammers were looking for a mark and found one.

Posted by: Bill F. | January 15, 2007 12:51 PM

ebay doesn't give crap what happens as long as they continue to make money period.Stay away from evilbay and you won't get rippred off.

Posted by: sleasebay | January 15, 2007 5:12 PM

Never bought/sold anything using Ebay. This story just assured me that I should keep going to Target.

Posted by: Elle | January 15, 2007 10:30 PM

Sorry, but I feel little sympathy. If the bidders had only exercised a little bit of common sense this would not have happened. To continue the analogies ... it's like saying it's Snake's fault Adam ate of the apple. Well, no, he ate it because he ignored all the warnings, didn't consider the consequences, and thought he was getting a good deal. It continues to be popular to blame somebody or something else for one's own actions.

Posted by: Robb | January 16, 2007 11:03 AM

I am sorry this lady lost her money but she's at fault. She says she recognized that paying via Western Union was a redflag and yet she went ahead with the transaction. In 2007 one would think people would be more careful about how they deal with internet sites.

What more can companies like eBay do? Unless people start paying closer attention to details things like this will continue to happen.

Posted by: Bart | January 16, 2007 1:16 PM

If you want ebay to cooperate, file a "John Doe" lawsuit against the seller and then subpoena ebay for the sellers's identity and all logs or other records associated with that item id. eBay won't fight you; with proper legal proceedure followed, they'll hand the info right over.

They can't hand the seller's identity over to you just on your say-so any more than they could hand your identity over to him.

Posted by: Bill | January 16, 2007 5:40 PM

I'm always amazed at how little sympathy people show for the victims here.

Assuming the story is correct, the only red flag was the Western Union payment (and there are legitimate sellers who require a wire payment).

What a lot of posters here seem to be missing is that the victim went through ebay for the second-chance offer, but was re-directed from the *authentic* ebay auction page to the scammer's site. According to the story (and the link which Annys included which details the scam), the victim did NOT buy the item by clicking on a fake link in their e-mail. The victim was re-directed, after logging on to ebay and clicking on a link to the second-chance offer, to the fake ebay page.

I've seen that myself on ebay, clicking on a link in ebay and getting re-directed off ebay--it wasn't instant in my case, and I remember thinking what the heck.

Having said all that, I'm not sure how you can hold ebay liable in this case. The transaction was outside of ebay (even if it started on ebay), and they paid with a method that ebay explicitly warns you about.

Having said that, ebay (and other companies) always like to tout how easy and safe it is to buy online, it's amazing there aren't more victims.

It's easy to say, look for strange-looking URL's, but legit companies re-direct you all the time on their websites to completely different domains.

A company's marketing always likes to tell you how easy and secure it is to use their service, but their fine print leaves all the responsibility with you.

Posted by: lurker | January 18, 2007 3:21 PM

Hello all and thank (most) of you for your comments. Shocked at how many of you presume I am at fault here, and could have easily avoided this. In fact I am college educated with a Masters degree, and I am here to tell you there was no way of telling this was fake. You would have to be criminally intelligent to spot it. The emails looked like Ebay, had links that lead to Ebays fraud policy, had email adresses from Ebay, and the transaction initiated on Ebay so I had no way of knowing that this was a fake. Someone had stolen $2800 dollars from me, not to mention $139 fee to send the Western Union. Looking at the emails, it would appear the Ebay agent was used to prevent fraud, and I assumed that Western Union was indeed safe, after all I had proof of whom I sent it to. So no Random Guy, your analogy does not apply. I did not request to go to the back door, nor did I think I was at the back door. The Detroit police are investigating this still. They have sadly discovered that there was a passport (legit-for those who suggested Fake ID-which could happen but not in this case) used to pick the cash up in Westland, MI, they have tagged the passport for activity. They have also subpoena'd video tapes from the Westland store where the money was picked up.

At the end of the day, I will never go on Ebay again, if their site is so easily duped, and their emails and services so easily and perfectly crafted and copied, they need to change things. If they charge to post their listings, they have to stand by their listings, not for the product, but how business is conducted. Furthermore, they could have given me the VIN number used to place the Ebay listing and did not, if they had nothing to hide, they would have, because you need a valid VIN to place an Ebay Motors listing. Consider this, if criminals could easily steal this kind of money using Ebay, if you were Ebay, wouldn't YOU change model? Does anything think I am the only one with such a story? You only have to Google Ebay Lawsuits to see. In fact the police told me they feel the responsibilty is on Ebay and I should sue them. Ebay should require new members go through a scam tutorial when they set up their accounts, or at least provide helpful information to the scammed member, like the VIN used to place the ad that started the scam in the first place? Again, all transactions were on Ebay to start with. The notification of 'buy it now' looked and felt like Ebay.

Anyway, hopefully none of you will share my experience, but know that it can happen to anyone, it is not a matter of knowing how to use the internet or spot scams. At least everyone who has read this blog will be more aware, and use safer methods of payment, and I think be more careful in buying things on the internet. And legit companies do rerirect you, do use agents, do accept Western Union. As for me, I think I will stick to the brick and mortor for anything above $500. And I will always use my credit card.

Posted by: Cathleen Graham | January 24, 2007 3:57 PM

The comments to this entry are closed.

 
 

© 2010 The Washington Post Company