eBay redirect feature comes handy for phishers

eBay redirect feature comes handy for phishers

One of the worlds biggest e-commerce enabled website and the popular online auctioneer website eBay has often been target by the phishers through fake mail scandals. The latest news in is that a poorly implemented redirect tool by eBay is in fact being helpful for the phishers to fool the users into believing that they are visiting an eBay page when they are not.

The flaw can be used to redirect the user to a fake site from a legitimate eBay link. Many sites including Google uses redirect to send users to external websites but show an interim message in between informing the user that they are leaving the current website. eBay’s redirect tool seems to be lacking this facility.

eBay was informed about this flaw by the security experts quite sometime ago but they are yet to fix the issue (at the time of writing of this article, the bug still existed). Phishers can possibly use this to exploit the trust users have over the popular website in question.

Phishing is generally used by developers of malicious websites into faking real websites and getting users to submit personal information on them. This information can be used to extract credit card numbers and other important information about the victim. The faked webpages are generally login forms, defacements, false press releases.

eBay on their part have responded to the problems and assured that the problem would be fixed soon. Phishing has become one of the worst problems for net users in the recent times. All the major browsers including Internet Explorer, Firefox, and Opera have taken steps to fix and update their browsers to include features to inform users about how safe the visited website is.