To help fellow members identify how this happened to me on ebay, let me explain. I recently put up my old van for auction, bad transmission and all. For a week now it received moderate attention with several bids and loads of questions.
Today when the auction was to close I received one question from an ebay member. It looked like any other question from ebay so I opened it. The sender (real eBay account name) told me that someone had spoofed my auction and to check it out. It provided a link.
Mistake #1, I opened the link. This did not cause my problem but started me on the road to it. Once I clicked on the link it opened an ebay login page, authentic right down to the verisign logo.
Mistake #2, this was the big one, I logged in and it took me to an ebay page stating the link could not be found.
I immediately contacted ebay spoof to report this but it was to late. By noon the perp ended my auction early and sent a message to the winning bidder. It then sent second chance offers to all the other bidders.
Ebay says that the contacted everyone and explaned the situation but I am still getting emails asking for explanations. Hard lesson learned.
I am pretty good about these things but they caught me in a moment of weakness when I was rushing around and not thinking clearly. I now had to change my ebay password, email password and for good measure I also notified AMEX to put a watch on my account.
If you are one of those who think that I should have only responded to email out of the eBay message site I can tell you that that same spoof email is right there with the rest of them. They have the ability to use eBay messages also. This one got me and it is cleaver but I also allowed this to happen by signing in. Lesson learned and I hope to prevent any of you following in my footsteps. No matter how tempting don't log into eBay unless you are certain you are in eBay. eBay has not yet killed the original auction so I have to get after them on this.
Ray Homiski
Elizabeth, NJ