Swandives

Stories abound about eBay fraud. Normally, they’re accompanied by the inevitable ‘oh, you must have been the victim of a phishing scam’ and a few pointers on what to do to avoid getting caught out:

• Don’t click on embedded links in email
• Install security software on your computer and keep it up-to-date
• Regularly install operating system updates
• Use the My Messages function in eBay to check the legitimacy of any correspondence.
• Don’t give out usernames and passwords, don’t use obvious passwords, change your password regularly…blah blah blah.

Now, that’s a lot of work right? Human nature being what it is, the chances are that at some point in time you’ve lapsed and not done one of these things. And then, somehow, it’s your fault because you’ve been baaad little computer user. Naughty naughty. And now your ID has been stolen and used for nefarious purposes.

Well, I’m here to tell you that that’s not necessarily the case.

You see, my eBay ID has been compromised. I now have feedback (all positive), even though I have NEVER bought or sold an item on eBay. I use it for research and browsing only — my husband’s the eBayer in our family.

eBay caught on to the problem faster than I did; not having logged on since September last year I was blissfully oblivious. The powers-that-be suspended my account (but didn’t email me to tell me about it — I didn’t find out until I had all sorts of trouble logging in). But here’s my problem:

• I’ve only ever logged into my account at work, securely tucked behind an organisational firewall and all sorts of security software.
• My PC isn’t generally connected to the internet, and when it is, I use the obligatory security suite.
• I don’t ever answer eBay emails, regardless of whether they’re legit.
• My eBay password is different to other passwords.

So how did it happen? I’d love to know. Security is a complex thing, so it’s unlikely I’ll get any answers soon. But I’m beginning to suspect eBay is not as secure as it likes to tell people.