The Daily Mail’s This is Money have investigated the £54,000 eBay fraud which Richard Crisp of Home Care Essentials became victim of and they too have hit an impenetrable brick wall with both eBay and PayPal passing the buck to each other when asked who is to blame.
You can read the original story here, but put simply scammers somehow accessed his account, bought new domains very similar to his and changed his email address with just one letter different to divert funds over a prolonged period of time. On day 1 of the scam just £11.30 was diverted, but add relatively small sums up over a long time frame and tens of thousands of pounds are syphoned off by the criminals.
Richard’s £54,000 eBay fraud is not a one off, another recent case we heard of saw a seller lose £15,000 before catching the fraud. Other cases vary from a few hundred to thousands and the most worrying aspect is we have no idea how widespread the fraud is and how many other sellers are still losing small amounts of money on a daily basis. The daily sums are small but the losses run into tens of thousands.
What are eBay saying about the £54,000 eBay fraud?
eBay haven’t been able to tell Richard how (or even if) his account was compromised. If we knew this we could give some advice on how to protect your account. Obviously if a different IP address accesses your account then this should be caught by eBay but what if the hack is being perpetrated via a third party tool? If the eBay account itself was hacked then surely eBay should be held responsible for the critical settings that have been changed? But eBay say that as they never received the funds they aren’t liable and recovery rests with PayPal.
What are PayPal saying about the £54,000 eBay fraud?
PayPal continue to say that Richard’s own PayPal account was never compromised and how were they to know that the fraudulent accounts receiving the funds weren’t legitimate? PayPal too have questions to answer such as how these fake accounts were set up in the first place and how they passed anti-money laundering checks. It shouldn’t be easy to set up PayPal accounts with fake details and use them to skim money from legitimate sellers.
PayPal however are saying that as the changes were made on eBay it’s down to eBay to put things right.
What are the Police saying about the £54,000 eBay fraud?
The local Police are unsurprisingly unable to assist and sent Richard off to report the crime to Action Fraud. It’s hard not to have sympathy with the local bobby as this is a sophisticated crime, almost certainly with fraudsters not in the UK. Action Fraud is a report, get a crime number and cross your fingers and forget type of service however.
What’s most galling is that this is treated as a victimless crime. It’s not. Richard has personally lost tens of thousands and is most certainly worthy of the Police doing their best to chase the scammers down.
What will stop this happening to you?
This is a scam that we have traced back at least as far as 2017. eBay and PayPal should both be aware of a case that came to light in early 2018. Both companies have had over a year to warn their users of the scam and to put steps in place to prevent it ever happening again.
It’s pretty clear that if someone is skimming funds from your eBay sales that there are unlikely to be any warnings forthcoming. You are also unlikely to be easily able to spot a different email address as it could be masked – the favourite is to swap an “l” for an “I” – that is a lower case L and and upper case i.
Bulk changing your payments email address on eBay is a solution that can help keep you safe…. although we have no solution on how to stop the hackers coming back in and changing the address again if they’ve access to your eBay account or a third party tool that can change the email addresses back again.