macdunn Posted November 2, 2014 Share Posted November 2, 2014 (edited) To start with - I am aware that there was a security breach at eBay back in May 2014 and all eBay users were supposed to be notified to change their passwords. I do not recall ever receiving any notification, but had not been using my account, other than following items to buy, and did not change my password at that time. Now, on 31 Oct 2014, I decided it is time to sell some stuff again. When I went to post the listing, I was notified on-screen that 'it appeared that I was using a different machine' (from which it did not say). I have changed computers since the last time I sold anything but have been using the same new machine to browse since April 2014. So, I went ahead and changed my password and also changed (or entered a new clue - my mother's maiden name) the clue answer. Everything seemed to work and I was able to list an item for sale. The next morning, 1 Nov 2014, I got an email from eBay saying that my account had been temporarily suspended and my sale was cancelled. Since then, I have logged in again but when I was relisting the item again, I was asked for the answer to my mother's maiden name and the answer was not accepted. I then received (on-screen) the message -- Call us at 1-866-643-1607 and mention security code XXXXXXX (I am not showing it here security reasons). This is not the same confirmation code to confirm your account. This on-screen message is coming from the URL -- https://www.kgvrfn.ebay.com/Support/?reqinput= 60ed0be722c1f00f1f72387f2d25f661f1fda7ff9d8f75bb832ca01bd7fc048be866ec44bd36eca4411f21756ade3f4de969f658f03b2777a2f4d5651314b15a Does anyone know if -- 1) eBay is using a telephone number for this type of problem, 2) Is the URL - https://www.kgvrfn.ebay.com/ - an valid eBay URL I have never seen a phone number for eBay before and this URL does not seem right to me because of the sub-domain. I am getting frustrated enough to just go ahead and open a new account with eBay, losing my history of 100% satisfaction since I started buying and selling in 1999. Thanks in advance, -Mac- Edited November 2, 2014 by macdunn Quote Link to comment Share on other sites More sharing options...
securitybreach Posted November 2, 2014 Share Posted November 2, 2014 Personally I would go to ebay and use their Contact info. Your account was compromised since the breach stole login info and you did not change your password. Since you had a seller account. I would also make sure you do not have any fraudulant purchases. http://pages.ebay.com/help/account/contact-customer-support.html Another reason to always change your passwords when you are alerted of a security breach. Quote Link to comment Share on other sites More sharing options...
macdunn Posted November 2, 2014 Author Share Posted November 2, 2014 Thanks for the prompt suggestion. However, that is exactly what I was doing. I was able to change my password, twice in two days. The first time I also added or changed my mother's maiden name which eBay.com (US, I am currently in EU where I have a seller's account on eBay.de) accepted. However, when I went to relist the cancelled item, (as a logged in eBay.de seller, after clicking on the Post button, I am directed to a login dialog for eBay.com (US). When I log in on eBay.com, I got the message that I seem to be logged in on a different computer. I am then directed to get a confirmation number by 1) telephone, or 2) email. I select email since I do not trust telephone calls (who knows where the number is going, therefore I asked if eBay is using phone numbers). When I click on the Email radio button and clicked on the Next button, I am asked to enter my mother's maiden name to confirm my identity. At that point, the name is not accepted and after three tries, I at told that I have to wait 24 hours to try again. This 24-hour hold has happened two days in a row now. I do not recall receiving the security breach notification which I do usually pay heed to from any of my regular sites. So far, I have review my eBay account and my bank account (which is linked to my eBay account) and there are no fradulant purchases. Quote Link to comment Share on other sites More sharing options...
securitybreach Posted November 2, 2014 Share Posted November 2, 2014 Here is their customer service# 1 (866) 540-3229 Quote Link to comment Share on other sites More sharing options...
macdunn Posted November 2, 2014 Author Share Posted November 2, 2014 (edited) Thanks. That is the phone number I am currently on hold with. So, you trust that number? My Skype call center 'says' that the number is a Mobile number (cell). You may notice that that is a different number than the one which displayed on-screen (in my original text above - 1-866-643-1607 ). I will keep you advised when I get off the call. Edited November 2, 2014 by macdunn Quote Link to comment Share on other sites More sharing options...
securitybreach Posted November 2, 2014 Share Posted November 2, 2014 Yes, that is the their number. BTW 866 is the same as 800 in the US. Both are toll free numbers Quote Link to comment Share on other sites More sharing options...
securitybreach Posted November 2, 2014 Share Posted November 2, 2014 https://www.fcc.gov/guides/toll-free-numbers-and-how-they-work 1 Quote Link to comment Share on other sites More sharing options...
zlim Posted November 2, 2014 Share Posted November 2, 2014 1-866-643-1607 says it is eBay and if you scroll down, you see other numbers for eBay including the 866-540 phone number http://gethuman.com/phone-number/eBay/customer-support--15289/ Write them all down. 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted November 3, 2014 Share Posted November 3, 2014 Neat site Liz Quote Link to comment Share on other sites More sharing options...
macdunn Posted November 3, 2014 Author Share Posted November 3, 2014 (edited) I thought that I had written this update yesterday (Sunday) but it seems that I forgot to click on Post before I closed Firefox. So, the short result of my call to eBay Tech Support is that the entire problem with my login was that my <U>current IP Address (of my ISP here) was not in the database at eBay as a 'secure' IP address</U>. The longer version is that I went through eBay.com's Website and found a phone number for support regarding Account issues - 1 (866) 540-3229. I called the number (which Skype indicated is a Mobile number, for whatever reason (now that Microsoft owns Skype, who really knows what is going on with Skype)), was in the hold queue for 20 minutes, then spoke with one Tech Support representative for 25 +/- minutes when the rep said that they were responsible for Account issues, not security issues and then transferred me to a Security specialist. The Security specialist picked up my call immediately. We then went through all of the steps of the problem which has been plaguing me since Friday (two days before) and finally the specialist said that the problem was that the IP address I was coming in through is not in their list of 'secure' addresses. The specialist then asked me a series of security questions (not the ones which we can set through the User Account settings, but based on the account history, I will not go into them for security reasons). When the person was satisfied the I am who my account said I should be, the specialist added the IP address to the list of 'secure' addresses. The person stayed on the phone while I went through relisting the item which I had been trying to list when all of this started (actually, it was listed on Friday and then my account was blocked overnight (Friday/Saturday), the item sale cancelled and all of this security run-around started), and stayed on the line with me while I changed some over stuff in my account for test purposes. The total call took 1:10 hours. I have to wonder if the issue would have ever been resolved online rather than with a phone call. I think not. Overall, I give the two support people at eBay.com top marks for their help and resolution of the issue. I say this having spent 1 year taking Tech Support calls for WordStar 30 years ago and knowing what it is like at the Tech Support end and before the days of 800 numbers. Ring, Ring! Tech Support--This is Tech Support, what is the name of your product? User - WordStar Tech Support--And, what version? User - 3.31 Tech Support--And, what is your problem? User - My computer has locked up and my Master's thesis is on-screen. What can I do? I have to submit it in XX days. Tech Support--Well, since your computer is locked up, you will have to reboot it. You will then have to open the last saved version and retype the part which has not been saved since the last time you saved the document. User - But, this is the first draft and I have not saved it yet. Tech Support--I am sorry but then you are going to have to rewrite it. Can I do anything else for you? This is a true scenario, several times. And. more often than not, the caller had been waiting for the rep for 15 minutes. I have lost data myself, so I nowadays, if I am writing a document, etc., I save every paragraph. And, make regular backups of my HDD, though not until recently my iPad. So, again to recap the short result of my call to eBay Tech Support is that the entire problem with my login was that my current IP Address (of my ISP here) was not in the database at eBay as a 'secure' IP address. Edited November 3, 2014 by macdunn 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted November 3, 2014 Share Posted November 3, 2014 Glad that you got it sorted Quote Link to comment Share on other sites More sharing options...
macdunn Posted November 3, 2014 Author Share Posted November 3, 2014 well, it is worked out when I use Chrome to view my account on eBay.de or eBay.com. When I use my older Firefox which I have used forever, including all of last week until the problem first popped its head up, I am still getting the message that I seem to be using a different machine and that I need to be confirmed, and then the process hangs. Using Chrome (which also had the same problem last Friday, Saturday and Sunday as with Firefox) does work now, so I have given up on using my older Firefox to monitor my eBay account and just use Chrome. Oh, well. Progress with software is always just a programmer's wet dream or, in California a programmer's pipe dream. Quote Link to comment Share on other sites More sharing options...
V.T. Eric Layton Posted November 3, 2014 Share Posted November 3, 2014 Dump your cookies, history, cache in Firefox. Close it down. Restart it and retry your eBay stuff. Anyway, congrats on a successful resolution of the issue. Be sure and tell someone (via email or whatever) what a fine job those support folks did for you. They rarely ever get any love from callers. I used to do tech support for Phillips America (consumer electronics). It's not a fun job. 2 Quote Link to comment Share on other sites More sharing options...
abarbarian Posted November 4, 2014 Share Posted November 4, 2014 Well done E-Bay, I am dead impressed with the service they gave. 1 Quote Link to comment Share on other sites More sharing options...
securitybreach Posted November 5, 2014 Share Posted November 5, 2014 Well done E-Bay, I am dead impressed with the service they gave. Ebay is fine. Now Paypal.... that's a whole different story. (I was charged double back in 2004 for $300 and they never made it right) Quote Link to comment Share on other sites More sharing options...
Capt.Crow Posted November 5, 2014 Share Posted November 5, 2014 E-bay ,For some reason wouldn't let me buy some stuff from the states this evening . So I just paid a tad more and ordered it from Blighty Quote Link to comment Share on other sites More sharing options...
macdunn Posted November 6, 2014 Author Share Posted November 6, 2014 (edited) I complimented both of the support people throughout the two conversations. I could tell, with my experience doing Tech Support way back when, that the first person was possibly at the end of the rope, though stayed professional throughout. The second person was cool and cheerful while resolving the issue - adding my ISP's IP address to the 'trusted' address list. The support was coming from the Philippines. I have known for some time now that a lot of companies have shifted their support from India to the Philippines. I have worked in Sillycon Valley with a lot of Indians and have known and worked with Filipinos in other locales before. I have nothing but compliments to say about the help provided by the Filipinos. Re: eBay - last week eBay credited my bank account (here in Germany, you register your bank account with eBay for payment of sellers' fees, not a credit card since many Germans have not had credit cards until recently) with 1 cent. No idea why. I have not sold on eBay since last August. And, out of the blue, I got an email at midnight (00:00) Tuesday from eBay.com -- "Thanks for consistently delivering exceptional service to your buyers. We're here to provide you a marketplace where you can sell with confidence. That's why we've taken the following steps during the past month to protect your account:" "Upgraded 1 of your detailed seller rating(s) to five stars" Again, no idea why since I have not been doing any selling between August 2014 and this new listing which started this 'security' issue. Has eBay been sold to Microsoft? Sounds like the 'boys' from Redmond. Edited November 6, 2014 by macdunn 1 Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted November 6, 2014 Share Posted November 6, 2014 Are you sure the email was from eBay and was that message also in your eBay message center under My eBay? Quote Link to comment Share on other sites More sharing options...
macdunn Posted November 6, 2014 Author Share Posted November 6, 2014 (edited) To be honest, I already dumped the Message Center contents and I do not remember what came in. Here is the actual eMail as saved by my eMail client - Eudora -- X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on a.spam.sonic.net X-Spam-Level: X-Spam-Status: No, score=-20.0 required=1.0 tests=DCC_REPUT_00_12,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HTML_MESSAGE,RCVD_IN_DNSWL_HI,RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL,RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_SAFE,RP_MATCHES_RCVD,SNF4SA, SONIC_REFERENCE_ID,USER_IN_DEF_DKIM_WL autolearn=disabled version=3.4.0 X-Spam-SNF-Result: 0 (Standard White Rules) X-Spam-MessageSniffer-Scan-Result: X-Spam-MessageSniffer-Rules: 0-0-0-19314-c X-Spam-GBUdb-Analysis: 0, 69.12.221.245, Ugly c=1 p=-0.528275 Source Normal Received: from i.mx.sonic.net (a.spam-proxy.sonic.net [69.12.221.245]) by d.spam.sonic.net (8.14.4/8.14.4) with ESMTP id sA4N0tgJ024051 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Tue, 4 Nov 2014 15:00:55 -0800 Received: from mxslcpool25.ebay.com (mxslcpool25.ebay.com [66.135.215.91]) by i.mx.sonic.net (8.14.9/8.14.9) with ESMTP id sA4N0sma031399 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for ; Tue, 4 Nov 2014 15:00:55 -0800 Received: from slc4b03c-a139.stratus.slc.ebay.com (slclb69.slc.ebay.com [10.89.178.12]) by mxslcpool25.ebay.com (8.14.4/8.14.4) with ESMTP id sA4MxPCo000387 for ; Tue, 4 Nov 2014 16:00:53 -0700 X-DKIM: Sendmail DKIM Filter v2.8.3 mxslcpool25.ebay.com sA4MxPCo000387 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=ebay.com; s=dkim1k; t=1415142053; bh=UHb7bLD33rf50S4zupd4NLp6mDw=; h=From:Reply-To:To:Message-ID:Subject:MIME-Version:Content-Type; b=fDzwBRyzYoUMqdhr0RJwSouktZDhAb8XtVyIFR/wznFbMkd2qxwKfb+psJtpou4DJ Z3m+JdmFbGmpRdTt+v6sQ4Q9khUKwqKIp0S/guiNwCFnVK4/XaOHjO9atqK8onwUWH WB/qHVhCdZDyZ61m6bM2JpJ+e3wLvsCJY1H2vqak= Date: Tue, 4 Nov 2014 16:00:53 -0700 From: eBay Reply-To: ebay@ebay.com To: sheldunn@sonic.net Message-ID: Subject: We've protected your selling account MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_30696651_2116845100.1415142053578" ReplyTo: ebay@ebay.com X-eBay-MailVersionTracker: 897.17243231 X-eBay-MailTracker: 13215_2504.897.0.0.dfc90f3bc9f8456c9693b794fb942315 X-Orthrus: tar=0 grey=no co=US os=Linux/3.1-3.10/1 spf=pass dkim=pass Go to your Seller Dashboard for details, Sheldon. eBay We've protected your selling account Hi Sheldon, Thanks for consistently delivering exceptional service to your buyers. We're here to provide you a marketplace where you can sell with confidence. That's why we've taken the following steps during the past month to protect your account: Upgraded 1 of your detailed seller rating(s) to five stars We've already updated your seller dashboard to reflect these changes, which are for transactions made during the past year. When we remove transaction defects, your transaction defect rate may not go down if you had transactions that received more than one defect. We'll continue to improve our monitoring, detection systems, and policies to protect sellers like you. To see these updates, go to your Seller Dashboard . Go To Seller Dashboard Email reference id: [#dfc90f3bc9f8456c9693b794fb942315#] eBay sent this message to Sheldon (sheldunn). Learn more Why am I receiving this email? You are receiving this email based on your eBay account preferences. If you'd rather not receive these emails, click unsubscribe. eBay is committed to your privacy. Learn more about our privacy policy and user agreement. © 2014 eBay Inc., 2145 Hamilton Avenue, San Jose, CA 95125 Edited November 6, 2014 by macdunn Quote Link to comment Share on other sites More sharing options...
securitybreach Posted November 6, 2014 Share Posted November 6, 2014 Looks legit. Quote Link to comment Share on other sites More sharing options...
macdunn Posted November 6, 2014 Author Share Posted November 6, 2014 (edited) one thing stands out in the HTML code of the eMail (I was going to post the entire eMail here, but since it is loaded with HTML tags, it cannot be posted, however here is the header before the HTML code, note the very first line - "From ???@??? Wed Nov 05 10:36:39 2014" - everything else seems legit) -- From ???@??? Wed Nov 05 10:36:39 2014 Return-Path: ebay@ebay.com X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on a.spam.sonic.net X-Spam-Level: X-Spam-Status: No, score=-20.0 required=1.0 tests=DCC_REPUT_00_12,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HTML_MESSAGE,RCVD_IN_DNSWL_HI,RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL,RCVD_IN_RP_CERTIFIED,RCVD_IN_RP_SAFE,RP_MATCHES_RCVD,SNF4SA, SONIC_REFERENCE_ID,USER_IN_DEF_DKIM_WL autolearn=disabled version=3.4.0 X-Spam-SNF-Result: 0 (Standard White Rules) X-Spam-MessageSniffer-Scan-Result: X-Spam-MessageSniffer-Rules: 0-0-0-19314-c X-Spam-GBUdb-Analysis: 0, 69.12.221.245, Ugly c=1 p=-0.528275 Source Normal Received: from i.mx.sonic.net (a.spam-proxy.sonic.net [69.12.221.245]) by d.spam.sonic.net (8.14.4/8.14.4) with ESMTP id sA4N0tgJ024051 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for <sheldunn@lds.sonic.net>; Tue, 4 Nov 2014 15:00:55 -0800 Received: from mxslcpool25.ebay.com (mxslcpool25.ebay.com [66.135.215.91]) by i.mx.sonic.net (8.14.9/8.14.9) with ESMTP id sA4N0sma031399 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT) for <sheldunn@sonic.net>; Tue, 4 Nov 2014 15:00:55 -0800 Received: from slc4b03c-a139.stratus.slc.ebay.com (slclb69.slc.ebay.com [10.89.178.12]) by mxslcpool25.ebay.com (8.14.4/8.14.4) with ESMTP id sA4MxPCo000387 for <sheldunn@sonic.net>; Tue, 4 Nov 2014 16:00:53 -0700 X-DKIM: Sendmail DKIM Filter v2.8.3 mxslcpool25.ebay.com sA4MxPCo000387 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=ebay.com; s=dkim1k; t=1415142053; bh=UHb7bLD33rf50S4zupd4NLp6mDw=; h=From:Reply-To:To:Message-ID:Subject:MIME-Version:Content-Type; b=fDzwBRyzYoUMqdhr0RJwSouktZDhAb8XtVyIFR/wznFbMkd2qxwKfb+psJtpou4DJ Z3m+JdmFbGmpRdTt+v6sQ4Q9khUKwqKIp0S/guiNwCFnVK4/XaOHjO9atqK8onwUWH WB/qHVhCdZDyZ61m6bM2JpJ+e3wLvsCJY1H2vqak= Date: Tue, 4 Nov 2014 16:00:53 -0700 From: eBay ebay@ebay.com Reply-To: ebay@ebay.com To: sheldunn@sonic.net Message-ID: 9e8da160-8b15-4039-97c9-8d149382aff8@slc4b03c-a139 Subject: We've protected your selling account MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_30696651_2116845100.1415142053578" ReplyTo: ebay@ebay.com X-eBay-MailVersionTracker: 897.17243231 X-eBay-MailTracker: 13215_2504.897.0.0.dfc90f3bc9f8456c9693b794fb942315 X-Orthrus: tar=0 grey=no co=US os=Linux/3.1-3.10/1 spf=pass dkim=pass Edited November 6, 2014 by macdunn Quote Link to comment Share on other sites More sharing options...
securitybreach Posted November 6, 2014 Share Posted November 6, 2014 That is why you always go to ebay to check your messages. Quote Link to comment Share on other sites More sharing options...
Guest LilBambi Posted November 6, 2014 Share Posted November 6, 2014 Yes, I never respond or click on anything in emails from eBay. We have a safe way to deal with messages via the website or if on phones, eBay app. At the very least I make sure I got the same message in my eBay account messages area. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.