Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

Watchdog group urges TradeMe to improve security

Press release – issued by the ScamBusters
Issued 25th March 2007- “Scam Awareness Month”

Watchdog group urges TradeMe to improve security

Internet watchdog group ScamBusters today issued an urgent appeal for New Zealand’s biggest online auction site to improve its security procedures.

“A group of professional criminals based in Romania are targeting the site heavily at the moment” says spokesman Alf West, and it’s the increasing sophistication of these scams that worries the group.

“These guys are good,” says West. “They’re career criminals who specialise in online auction scams. They’ve sent out thousands of phishing emails which has led to the hijacking of some very established user accounts. West warns that the mass hacking of accounts is a new development which first began last year. “This has now reached serious proportions with new accounts being compromised on a daily basis”, he says.

ScamBuster Peter Andersen has been collating the hijacked accounts and auctions. He advises that so far 526 TradeMe user accounts have been identified as being hacked in the past twelve months alone. The scammers have used these accounts and a handful of new ones to run more than 1,850 fraudulent auctions. “They’ve offered over 94,000 individual items for sale”, he claims, “none of which exist.”

“The increasing social engineering skills demonstrated by these phishes are a serious concern” says Andersen.

The scammers post auctions for high value items like laptops and cellphones and almost always include an email address. “We need to make the point that these guys are not running auctions at all” says West. “They’re using TradeMe to gain email contact with potential victims.” He claims that while TradeMe eventually remove the fraudulent listings, the scammer’s email address is often visible for up to 24 hours at a time. ”For a 24/7 business that’s simply not good enough” he says.

Those who make contact with the scammers believe they are dealing with a New Zealander and normally receive an email saying something like, `I’m in London on business at the moment.’ The prices are tempting and victims are persuaded to send money via Western Union or other forms of money transfer“.

ScamBusters advises that this wave of phishing emails, account hijackings and associated scam listings are a continuation of the Romanian criminal activities that have dogged TradeMe for the last four years. And the group claim that TradeMe’s own system is helping the scammers.

“Once an account has been hijacked the scammer has access to that user’s last 45 days of trading history, including the email addresses of everyone he’s sold items to. The Romanians appear to be using that information to build their database of valid TradeMe users’ addresses. This results in another round of phishing emails, more hijacked accounts and more fraudulent auctions” says West. “Our research shows that the problem is increasing exponentially.”

“TradeMe have always been reluctant to publicly acknowledge scams on their site,” says West. “That’s the reason we formed ScamBusters back in 2003.”

“But a 24 hour business like TradeMe needs 24 hour security. We’re hoping that Fairfax will start to take this issue seriously. TradeMe needs to make Address Verification mandatory for all users who want to sell goods on the site and it needs to beef up its internal security system to identify account hijackings.”

“We’d like them to make their members aware of the type of scams that are happening right under their noses and to be more proactive in locking these people out.”

With around 3,000 members spread throughout New Zealand, the ScamBusters operate online forums where their members can report and discuss scams in progress. They often make email contact with the scammers to profile their methods.

Details of the hacked accounts, the type of goods offered and the contact details used by the scammers is available in the members section of the ScamBusters’ forum. www.scambusters.co.nz/forum


= = =

ENDS

© Scoop Media

 
 
 
 
 
Business Headlines | Sci-Tech Headlines

 

Auckland Port To Recapture Gas: Union Calls On Ports To Stop Spewing Methyl Bromide

The Maritime Union of New Zealand welcomes the decision by Ports of Auckland to stop releasing methyl bromide emissions into the air. The move to fully recapture the toxic gas after fumigation sets a new benchmark for industry best practice. More>>

ALSO:

Retail: Banks Shoes Calls In Receiver

Banks Group, which runs 14 stores across the country under the brands including Banks Shoes and Shoe Connection, has been tipped into receivership at the request of director John Bank. More>>

ALSO:

NZ's Space Programme: Rocket Lab Makes It To Space (But Not Orbit)

Electron lifted-off at 16:20 NZST from Rocket Lab Launch Complex 1 on the Mahia Peninsula in New Zealand. It was the first orbital-class rocket launched from from a private launch site in the world. More>>

ALSO:

Earlier:

Budget: Irrigate (Good Times, Come On!)

Additional grant funding of $26.7 million over the next three years plus a capital boost of $63 million towards irrigation investments in Budget 2017 will deliver economic and environmental benefits through better use of water... More>>

ALSO:

Silver Fern Farms: Proposal To Close Fairton Sheepmeat Plant

Silver Fern Farms has advised its people of the proposal to permanently close the site, and has discussed potential transfer options to its other sites in the region as part of the consultation process...
More>>

ALSO: