eBay security breach and fraud

Status
Not open for further replies.

curious14

New Member
I was recently defrauded of a painful but not life-threatining sum of money (well under $1000) following a fraudulent eBay auction. The seller is a longstanding and honest eBay member with extremely positive feedback so I agreed to pay by Western Union, something I had never done and will never do again (although I have used alternate payment methods before with honest people without problems). I have since found out that the seller's account had been hijacked and I played right into their hands.

However, my major complaint is with eBay, which has done nothing but send me worthless form emails encouraging me to try to work this out with the seller. I contacted the legitimate account owner. She discovered the security breach and immediately notified eBay through its Live Help facility. She then tried to contact all members who had bid on the item in question to notify them of the breach.

However, eBay suspended her account as soon as she alerted the breach, preventing her from contacting anyone. Worse, eBay then dawdled on the issue, failing to notify me until a full 17 hours later (and then only by email), despite the fact that a fraudulent auction had already concluded 9 hours before they were notified. I called WU to cancel the money order as soon as I received eBay's note but it was about 2 hours too late - the money was gone. In other words, eBay had more than a 12-hour window during which this whole thing could have been prevented. Ironically, it would have been prevented if the legitimate account owner had not notified eBay or had not been prevented from notifying at-risk bidders.

Do I have a legitimate small claim against eBay, if not for their inadequate security policies then for failing to notify me promptly and effectively preventing me from being notified? As I said before, the loss of money is painful and yes, I made some mistakes that I now feel stupid for, but eBay's complicity in this crime, dawdling response and secretive follow-up infuriate me even more.
 
Update to ebay fraud thread

Woops - the account owner got back to me and says she had her timeline wrong by a day. In fact, she contacted ebay only after receiving notes from ebay regarding the breach; in other words, ebay discovered the breach first.

However, she also says that the thief held at least 5 auctions ending over a 4-day period. He was able to seize control of the account and redirect emails to himself without being detected for many days. Incidentally, it is the email redirection that caught me - upon winning the auction, I sent an email through ebay's "secure" system and the thief responded to me directly (i.e. he had received my email address from ebay) and quoting my "secure" email (i.e. he was in charge of the account).

I assume ebay detected the breach when he returned the account information back to its original state after picking up the last of the money. Presumably ebay's system raises a flag when account information is changed twice in a relatively short period or some similar pattern of behavior.

Do I still have a small claims case against ebay based on its inadequate security procedures/policies? What would it look like? I see this as a much more significant breach than the standard "item not as described" or "item not received" problems that arise when a seller is less than completely honest and that ebay's policies are set up to handle. This is a criminal masquerading as an honest seller for days without being detected until he has finished his work and ebay both presenting me with inaccurate information by which to evaluate the seller and providing the criminal a mechanism that helps him look legitimate.

Ironically, if my explanation is correct, ebay's system only flags such hijacking when the criminal is finished and returns the account to its original state.
 
Status
Not open for further replies.
Back
Top