5 Things to check before selling on eBay, Facebook or etsy

A serious new warning today for any of you selling in market sites online. Here are the five main things to check now before listing, selling and transporting products to Ebay, Etsy or Facebook, or any of other websites that have completely democratized with retail.

The warning comes with Cisco Talos’s courtesy, which provides a turn in the usual scammers paradise in this world. “When we think of online security in the context of these platforms, we often focus most of our efforts and recommendations for the threats that buyers aim for.” But now “scammers are also actively targeting people who sell items on these platforms as well.”

staleGoogle says its encryption has not changed – did Android beat the iPhone now?from Zak Daffman

Unless, these risks include high value items required without any form of real payment, but criminals are also targeting sellers busy with high account balances. We all know that these bad actors show market markets, but their activity can still be extremely difficult to see as the seduction of a sale comes into focus.

The most obvious such attack is the direct phishing Credient, “using the features (s) of platform messages as a mechanism to communicate directly with [sellers] for the purposes of phishing or distribution of malware. “These attacks can target the credentials for the market itself, or go directly for financial information through a phishing website, where they will cheat a user to leave the market.

Gmail, Outlook warning – yes, you need a new app

Talos gives the example of “a direct direct message to a reverb seller account [that] It was created to appear as if it were sent by the Reverb team itself. He informs the seller that their item has sold and makes them complete the account verification to ensure that they receive payments for the item (s) they have sold. “The victim was subsequently redirected” on a malicious server under the striker’s control. “

It may sound stupidly simple to notice, but “this technique uses percentage coding, a blocking technique, to mask the redirection destination and to make it look like the connection is showing on the legal Reverb website. “

Talos also warns of the seductions to deceive you to remove the seller’s protection provided by the market. These protect you against “the usual types of fraudulent claims that can be made by buyers, such as discrepancies, damage, etc. to stay in force, they generally require the buyer and seller to perform the transaction by following certain requirements that activate the right solution if an issue arises. “

Bypassing such protection is so easy that you cheat to get part of the transaction outside the market, “as this will repeal the defense policy that would otherwise be in the country using a variety of pretexts and topics.” Similarly, to seduce the use of unusual transport arrangements will have the same effect. For both, social engineering tactics are used to provide reliable reasons – ignore all of this.

Microsoft update fails – how to stop Windows Windows new installation

And on the same topic of social engineering, the other attack by Talo is the place where the hook on non-market websites like Reddit-Bleni/Sell Forum-Direct the transaction in a payment site such as PayPal. “Scammers often use compromised accounts on these money transfer platforms when communicating with sellers (or buyers), often trying to persuade them to use” friends and family “(or equivalent) the payment option available in many from these platforms. ” Doing this will deactivate any of the wing length fraud protection normally in the country.

staleGoogle Chrome upgrade – change your browser to stop trackingfrom Zak Daffman

Talo’s report comes with a useful 5 -step guide to stay safe; How never to be deceived to ignore any of these points. Remember, deceivers do this to live, and many of them are extremely good in their jobs.

1. Always use multi -factors (MFA/2FA) certificate in market account and all financial accounts/accounts used in each transaction.
2. Check any pictures you post on the lists for sensitive or personal details that may be in the background. Keep all neutral as possible.
3. Do not be seduced into using websites or third party services when performing transactions in a market; Always follow standard processes.
4. Check each message carefully to prove those who are from the buyer, and clearly be suspicious of new buyers with little activity or other data in the account.
5. Do not modify transport addresses under no pretext. If a buyer has to change an address they have to do it through their accounts.