eBay said members will no longer be able to find other members by entering email addresses in Search lookup boxes. eBay cited security concerns Monday, announcing that the move was made to prevent email harvesters from validating email addresses for fraudulent usage.
Before the change, members could search for other eBay members by entering either their User ID or their email address. Now, only members who have completed a recent transaction with the member can use the lookup by email feature. This affects Bidder Search, Seller Search, Feedback Profile Search, and others, and extends across all international eBay sites.
Information on eBay's site said, "If eBay cannot determine a transactional relationship you should request the member to send you their User ID via email." However, there is no way to verify their reply: if you search by User ID, the information returned contains no email information. Members may still use eBay's "Contact an eBay Member" feature, which allows members to send another member a message via a Web form on the site.
Is there a way that eBay can stop spammers from harvesting emails from its site while still allowing eBay members to verify an emailers' eBay User ID? The system eBay put in place yesterday uses a "random number" security feature. This system was first designed to thwart dictionary attacks and forces the searcher to read numbers on the screen and manually enter them into a box. Since automatic robots can't read the randomly generated numbers, this feature alone would prevent automatic email harvesting while still allowing eBay members to use the email lookup feature.
eBay could not be reached before press time, but said in its announcement, "We feel that these measures will minimally impact members' abilities to use the site, and have no impact on legitimate communication between members."
http://www.ebay.com/lelfaq.html
