A cache of 5,534 stolen eBay log-ins was discovered yesterday -- likely the result of successful phishing scams, researchers say.
Christopher Boyd, malware research director for FaceTime, blogged that most of the stolen accounts appeared to be those of newly registered users or ones with low feedback scores who don’t use eBay regularly. “These are prime targets for Phishers, because they're more likely to be fooled by fake logins,” Boyd said in his blog today.
And because many of these types of users tend to use the same log-ins for both eBay and PayPal, according to Boyd, their PayPal accounts also could be compromised. The stolen accounts were listed by eBay user name, password, and email account.
“Quite a lot of the accounts don't exist or are no longer registered users, but there's enough live accounts in there for this to be something of a worry (there also don't appear to be any duplicates, which is unusual for a collection this big),” Boyd blogged.
“I should mention, it's not just new EBayers that can be caught out by these kinds of scams - there were quite a few high scoring EBayers in the stolen logins too,” Boyd said.
— Kelly Jackson Higgins, Senior Editor, Dark Reading