Share This:

What are your Labor Day weekend plans? Chances are they won’t prove as lucrative as those of Pierre Omidyar back in 1995, who spent his three-day weekend launching a website called AuctionWeb from his San Jose home. We now know AuctionWeb by its current name, eBay.

Omidyar’s first sale on the future eBay Inc. was a broken printer. The starting bid was $1—but a week later, the winning bid from a Canadian buyer was $14.83. As the site gained popularity, Omidyar’s ISP made him upgrade to a business account, which increased expenses enough that he began charging users to post listings. An empire was born.

Cybercriminals take aim at eBay

Collectors and ecommerce entrepreneurs weren’t the only ones to take note. Cybercriminals also saw potential for mayhem:

    • In perhaps the most infamous cyberattack on eBay, hackers used employee login credentials to steal encrypted passwords and a host of personal information, including birth dates and physical addresses. The attack prompted eBay to ask its entire userbase of 145 million to change their passwords.
    • In September 2014, the UK eBay site was compromised through a cross-site scripting (XSS) attack. Malicious Javascript code was placed on product listing pages, redirecting users through multiple websites and ultimately to a spoof login page (which in turned contained additional malicious code). A Scottish IT worker found the attack after clicking on a product listing for an iPhone.
    • In March 2015, security experts identified a flaw related to product images. eBay servers did not image file headers, allowed for camouflaged file extensions hiding malware.

An eBay purchase always carries some element of risk—and in rare cases, you might end up with more than negative feedback.

Photo: Ken Wolter / Shutterstock


Share This:
Kate Johanns

Posted by Kate Johanns

Kate Johanns is a communications professional and freelance writer with more than 13 years of experience in publishing and marketing.

Leave a reply

Your email address will not be published. Required fields are marked *