Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 


Watchdog group urges TradeMe to improve security

Press release – issued by the ScamBusters
Issued 25th March 2007- “Scam Awareness Month”

Watchdog group urges TradeMe to improve security

Internet watchdog group ScamBusters today issued an urgent appeal for New Zealand’s biggest online auction site to improve its security procedures.

“A group of professional criminals based in Romania are targeting the site heavily at the moment” says spokesman Alf West, and it’s the increasing sophistication of these scams that worries the group.

“These guys are good,” says West. “They’re career criminals who specialise in online auction scams. They’ve sent out thousands of phishing emails which has led to the hijacking of some very established user accounts. West warns that the mass hacking of accounts is a new development which first began last year. “This has now reached serious proportions with new accounts being compromised on a daily basis”, he says.

ScamBuster Peter Andersen has been collating the hijacked accounts and auctions. He advises that so far 526 TradeMe user accounts have been identified as being hacked in the past twelve months alone. The scammers have used these accounts and a handful of new ones to run more than 1,850 fraudulent auctions. “They’ve offered over 94,000 individual items for sale”, he claims, “none of which exist.”

“The increasing social engineering skills demonstrated by these phishes are a serious concern” says Andersen.

The scammers post auctions for high value items like laptops and cellphones and almost always include an email address. “We need to make the point that these guys are not running auctions at all” says West. “They’re using TradeMe to gain email contact with potential victims.” He claims that while TradeMe eventually remove the fraudulent listings, the scammer’s email address is often visible for up to 24 hours at a time. ”For a 24/7 business that’s simply not good enough” he says.

Those who make contact with the scammers believe they are dealing with a New Zealander and normally receive an email saying something like, `I’m in London on business at the moment.’ The prices are tempting and victims are persuaded to send money via Western Union or other forms of money transfer“.

ScamBusters advises that this wave of phishing emails, account hijackings and associated scam listings are a continuation of the Romanian criminal activities that have dogged TradeMe for the last four years. And the group claim that TradeMe’s own system is helping the scammers.

“Once an account has been hijacked the scammer has access to that user’s last 45 days of trading history, including the email addresses of everyone he’s sold items to. The Romanians appear to be using that information to build their database of valid TradeMe users’ addresses. This results in another round of phishing emails, more hijacked accounts and more fraudulent auctions” says West. “Our research shows that the problem is increasing exponentially.”

“TradeMe have always been reluctant to publicly acknowledge scams on their site,” says West. “That’s the reason we formed ScamBusters back in 2003.”

“But a 24 hour business like TradeMe needs 24 hour security. We’re hoping that Fairfax will start to take this issue seriously. TradeMe needs to make Address Verification mandatory for all users who want to sell goods on the site and it needs to beef up its internal security system to identify account hijackings.”

“We’d like them to make their members aware of the type of scams that are happening right under their noses and to be more proactive in locking these people out.”

With around 3,000 members spread throughout New Zealand, the ScamBusters operate online forums where their members can report and discuss scams in progress. They often make email contact with the scammers to profile their methods.

Details of the hacked accounts, the type of goods offered and the contact details used by the scammers is available in the members section of the ScamBusters’ forum. www.scambusters.co.nz/forum


= = =

ENDS

© Scoop Media

 
 
 
 
 
Business Headlines | Sci-Tech Headlines

 

No Voda/Sky: Commission Declines Clearance For Merger

The Commerce Commission has declined to grant clearance for the proposed merger of Sky Network Television and Vodafone New Zealand. More>>

ALSO:

EARLIER:

Power: IEA Report On New Zealand's Energy System

Outside of its largely low-carbon power sector, managing the economy’s energy intensity and greenhouse gas emissions while still remaining competitive and growing remains a challenge. More>>

ALSO:

NASA: Seven Earth-Size Planets Around A Single Star

NASA's Spitzer Space Telescope has revealed the first known system of seven Earth-size planets around a single star. Three of these planets are firmly located in the habitable zone, the area around the parent star where a rocky planet is most likely to have liquid water. More>>

ALSO:

Auckland Transport Case: Men Guilty Of Corruption And Bribery Will Spend Time In Jail

Two men who were found guilty of corruption and bribery in a Serious Fraud Office (SFO) trial have been sentenced in the Auckland High Court today... The pair are guilty of corruption and bribery offences relating to more than $1 million of bribes which took place between 2005 and 2013 at Rodney District Council and Auckland Transport. More>>

ALSO:

Hager Raid: Westpac Wrong To Release Bank Records To Police

The Privacy Commissioner has censured Westpac Banking Corp for releasing without a court order more than 10 months of bank records belonging to the political activist and journalist Nicky Hager during a police investigation into leaked information published in Hager's 2014 pre-election book, 'Dirty Politics'. More>>

ALSO:

EARLIER:

Get More From Scoop

 
 
 
 
 
 
 
 
Business
Search Scoop  
 
 
Powered by Vodafone
NZ independent news