eBay; the leading social online shopping site has recently been compromised which has resulted in huge risk for its customers. The hackers or thieves made the eBay site in such a way that customers who clicked on varieties of it links were meant to automatically be diverted to a particular site which is specially designed to take away their credentials. This US virtual shopping giant had suffered from the hack on the last Wednesday night but they were only able to react after a wakeup call coming from the BBC; which is more than twelve hours later after the incident.
Dr Steven also stated, “EBay is pretty competent, but obviously it has been caught out here. Cross-site scripting is well within the top 10 vulnerabilities that website owners should be concerned about. This report relates only to a ‘single item listing’ on eBay.co.uk whereby the user has included a link which redirects users away from the listing page. We take the safety of our marketplace very seriously and are removing the listing as it is in violation of our policy on third-party links”.
This issue had first been identified by an IT worker from Alloa in Clackmannanshire, Paul Kerr; who is also as ‘eBay Powerseller’. After he experienced the attack by clicking on a list for an iPhone that had been redirected, he called the eBay to inform about this illegal act. He told the BBC, “The advert had been up for 35 minutes”.
In the light of this current incident, everyone should know that it is not the first time that eBay has suffered from technical setback in the recent time. eBay had experienced quite a few unexpected incidents where its users were unable to sign in to their accounts while also receiving alerts for putting incorrect passwords.