Alert: eBay iPhone Listings Redirecting to Phishing Pages
Last night, the BBC published an article stating that eBay item listings are vulnerable to cross-site scripting (XSS) attacks, which can lead users to phishing pages.
Such attacks place malicious code within the listing field that lets sellers link to legitimate third-party websites. When users click on links that contain this code, they are redirected to phishing pages that look like the eBay login page. Users who enter credentials are at risk of having their eBay account compromised.
This type of attack was first discovered by an eBay power user who found it in action on a listing for a cheap iPhone. In addition, the BBC states that they have discovered 2 other eBay item listings from the same account using cross-site scripting attacks. eBay has yet to make a statement on the matter, but initial reports indicate that the 3 malicious listings have been removed.
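For readers who run a marketplace or review user-submitted HTML, the following added example (not code from eBay, the BBC report or Emsisoft) scans a seller-supplied listing description for the kind of active content described above and separates it from ordinary third-party links. The tag and attribute lists, the `www.ebay.com` allow-list and the sample listings are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed policy: these tags can run script or navigate the page by themselves.
ACTIVE_TAGS = {"script", "iframe", "object", "embed", "base"}
URL_ATTRS = {"href", "src", "action", "formaction"}
SCRIPT_SCHEMES = {"javascript", "data", "vbscript"}

class ListingScanner(HTMLParser):
    """Collects (kind, detail) findings from seller-supplied listing HTML."""

    def __init__(self, allowed_hosts):
        super().__init__(convert_charrefs=True)
        self.allowed_hosts = allowed_hosts
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # Tag and attribute names arrive lower-cased, values entity-decoded.
        if tag in ACTIVE_TAGS:
            self.findings.append(("active-tag", tag))
        for name, value in attrs:
            if name.startswith("on"):  # onclick, onload, onerror, ...
                self.findings.append(("event-handler", name))
            elif name in URL_ATTRS:
                self._check_url(value or "")
            elif tag == "meta" and name == "http-equiv" and (value or "").lower() == "refresh":
                self.findings.append(("meta-refresh", tag))

    def _check_url(self, value):
        # Browsers drop tabs and newlines inside a URL, so drop them before parsing.
        cleaned = "".join(ch for ch in value.strip() if ch not in "\t\r\n")
        parsed = urlparse(cleaned)
        if parsed.scheme.lower() in SCRIPT_SCHEMES:
            self.findings.append(("script-url", parsed.scheme.lower()))
        elif parsed.scheme.lower() in ("http", "https") and parsed.hostname not in self.allowed_hosts:
            # Third-party links are permitted in this field; record them for review.
            self.findings.append(("off-site-link", parsed.hostname))

def scan_listing(html, allowed_hosts=frozenset({"www.ebay.com"})):
    """Return findings for one listing description; an empty list means clean."""
    scanner = ListingScanner(allowed_hosts)
    scanner.feed(html)
    scanner.close()
    return scanner.findings

# Constructed sample listings, not taken from the reported incident.
BENIGN = '<p>iPhone, boxed. <a href="https://www.ebay.com/itm/123">More photos</a></p>'
SUSPECT = ('<p>Cheap iPhone!</p><a href="https://shop.example/info" onclick="go()">'
           'Details</a><script src="https://cdn.example/x.js"></script>')
```

Calling `scan_listing(SUSPECT)` reports the event handler and the script tag alongside the two off-site links, while `scan_listing(BENIGN)` returns an empty list.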
To avoid this phish:
- Stay away from item listings that seem too good to be true (hint: they are)
- Only log into a web account after independently navigating to that website on your own
- Check out eBay’s Marketplace Safety Tips
As yet, the total number of item listings this vulnerability affects is unknown – so be careful where you bid! If you think you might have fallen for a phish, change your password ASAP and keep a close eye on your eBay account.
Emsisoft users are automatically protected from this threat by our products’ Web Protection technology. The original report from the BBC can be found here.