Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

Watchdog group urges TradeMe to improve security

Press release – issued by the ScamBusters
Issued 25th March 2007- “Scam Awareness Month”

Watchdog group urges TradeMe to improve security

Internet watchdog group ScamBusters today issued an urgent appeal for New Zealand’s biggest online auction site to improve its security procedures.

“A group of professional criminals based in Romania are targeting the site heavily at the moment” says spokesman Alf West, and it’s the increasing sophistication of these scams that worries the group.

“These guys are good,” says West. “They’re career criminals who specialise in online auction scams. They’ve sent out thousands of phishing emails which has led to the hijacking of some very established user accounts. West warns that the mass hacking of accounts is a new development which first began last year. “This has now reached serious proportions with new accounts being compromised on a daily basis”, he says.

ScamBuster Peter Andersen has been collating the hijacked accounts and auctions. He advises that so far 526 TradeMe user accounts have been identified as being hacked in the past twelve months alone. The scammers have used these accounts and a handful of new ones to run more than 1,850 fraudulent auctions. “They’ve offered over 94,000 individual items for sale”, he claims, “none of which exist.”

“The increasing social engineering skills demonstrated by these phishes are a serious concern” says Andersen.

The scammers post auctions for high value items like laptops and cellphones and almost always include an email address. “We need to make the point that these guys are not running auctions at all” says West. “They’re using TradeMe to gain email contact with potential victims.” He claims that while TradeMe eventually remove the fraudulent listings, the scammer’s email address is often visible for up to 24 hours at a time. ”For a 24/7 business that’s simply not good enough” he says.

Those who make contact with the scammers believe they are dealing with a New Zealander and normally receive an email saying something like, `I’m in London on business at the moment.’ The prices are tempting and victims are persuaded to send money via Western Union or other forms of money transfer“.

ScamBusters advises that this wave of phishing emails, account hijackings and associated scam listings are a continuation of the Romanian criminal activities that have dogged TradeMe for the last four years. And the group claim that TradeMe’s own system is helping the scammers.

“Once an account has been hijacked the scammer has access to that user’s last 45 days of trading history, including the email addresses of everyone he’s sold items to. The Romanians appear to be using that information to build their database of valid TradeMe users’ addresses. This results in another round of phishing emails, more hijacked accounts and more fraudulent auctions” says West. “Our research shows that the problem is increasing exponentially.”

“TradeMe have always been reluctant to publicly acknowledge scams on their site,” says West. “That’s the reason we formed ScamBusters back in 2003.”

“But a 24 hour business like TradeMe needs 24 hour security. We’re hoping that Fairfax will start to take this issue seriously. TradeMe needs to make Address Verification mandatory for all users who want to sell goods on the site and it needs to beef up its internal security system to identify account hijackings.”

“We’d like them to make their members aware of the type of scams that are happening right under their noses and to be more proactive in locking these people out.”

With around 3,000 members spread throughout New Zealand, the ScamBusters operate online forums where their members can report and discuss scams in progress. They often make email contact with the scammers to profile their methods.

Details of the hacked accounts, the type of goods offered and the contact details used by the scammers is available in the members section of the ScamBusters’ forum. www.scambusters.co.nz/forum


= = =

ENDS

© Scoop Media

 
 
 
Business Headlines | Sci-Tech Headlines

 

Manawatu-Whanganui Projects: PGF Top-Up To Rural Broadband Roll-Out

The government has effectively raided the $3 billion Provincial Growth Fund to top up the budget for the second phase of its rural broadband initiative, filling in mobile 'black spots' and ensuring broadband is available to marae that don't have access now. More>>

ALSO:

Other Windy Cities: Auckland-Chicago Named A Top 10 ‘Most Exciting’ New Route

The inclusion of Auckland-Chicago on Lonely Planet’s Where to fly in 2019? The 10 most exciting new flight routes list comes just two weeks before Air New Zealand prepares to celebrate its inaugural flight to Chicago’s O’Hare International Airport on 30 November. More>>

Deadly Strain: ESR Ups Its Reporting On Meningococcal Disease

The increasing number of cases of Group W Meningococcal disease (MenW) has prompted ESR to increase its reporting on the disease to the Ministry of Health. ESR has upped its reporting to weekly. More>>

ALSO:

Very Small Things: "Game-Changing" 3D Printing Technology Launched

New Zealand microfabrication researchers Andrea Bubendorfer and Andrew Best, the co-inventors of a new way of fabricating very small things with Laminated Resin Printing (LRP), are part of Callaghan Innovation’s MicroMaker3D team launching the new patent pending technology in the US this week. More>>

ALSO: