Beware the eBay identity thieves

Criminals are tricking legitimate UK auction site users into handing over their user identities to set up bogus auction accounts for carrying out scams.

The scammers rely on good ratings earned by the legitimate users to make their own, bogus auctions look respectable.

They typically offer a limited number of high-priced consumer goods - such as notebook PCs and televisions - at 'bargain' prices.

But the goods do not exist, and the scammers disappear with thousands of pounds that buyers have handed over.

This damages the reputation and eBay ratings of legitimate sellers, and risks them being falsely accused of fraud.

vnunet.com has been contacted by readers whose own eBay identities and passwords have been stolen.

The auction site said it was aware of the problem in the US but not that the trend had spread to the UK.

It said that con men use two main ways to steal user information.

The fraudsters appear to be carefully targeting their victims, eBay said. They monitor the site and the type of goods on sale so they can match them.

They then either send out emails or employ software robots to try and crack users' passwords.

Chris Donlay, spokesman for eBay, said: "They send emails asking the user to verify their passwords and email accounts by directing them to an 'account manager', or they use embedded links in the email that direct people to a spoof site resembling eBay.

"The sites and emails look very professional but eBay will never ask users for personal information, so they should be alerted immediately if asked for this information," Donlay said.

People also use very simple passwords despite all the warnings or the same password for various sites.

For example someone selling teddybears often has teddybear as the password, making it easier for the conmen to crack.

"We are well aware of these tricks in the US but until vnunet.com called didn't realise it could be becoming a problem in the UK," Donlay said.

eBay claims it will close down a seller that its fraud detection checklists have identified as using the site fraudulently.

But it is still unable to catch them all as they set up and then abandon accounts so quickly.

To safeguard themselves, users should monitor their sites regularly - even if they have nothing to sell, Donlay advised.

"These con men often set use the stolen sites for only a day or two then disappear when they have got some money," he said.