When an eBay seller opened an email received through eBay's message system this week, it read, "If you need additional income, we have an open position as a mediator for selling items on ebay. To learn more, open www.tradeportal1.org and enter (Code removed by editor) on prompt." The purported shopper who sent the email to the seller using eBay's "Ask Seller a Question" feature had zero feedback and had registered on eBay the same day the email message was sent.

The recipient, a concerned eBay seller, reported the suspicious email to eBay when she received the email on March 14. A search for tradeportal1.org on a search engine came up with a post on an anti-scam forum from someone who said they had reported a similar email - also linking to the site TradePortal1.org - to eBay on March 9. A WhoIs search on the domain "tradeportal1.org" reveals it was registered on February 13, 2007, using a domain registration company that lets resellers register a .ORG domain for just 99 cents.

What concerned the recipient most was that her name appeared in the message, and that the message showed up in her "My Messages" section of eBay, proving the sender used eBay's mail system. She felt this gave the email an air of legitimacy, and she said she was sure she was not the only one to receive the email. "You KNOW that newbies may (will) click that link and who knows what will happen."

The technique described above uses eBay's message system. Another technique seen this week on eBay uses an "Ask Seller a Question" form inside listings that are not actually going through eBay's message system at all, and harvests users' email addresses.

A reader complained on March 15 that someone was listing Plasma TVs in the Antiques category for $10, a ploy frequently used by fraudsters. While the seller had a high positive feedback rating with over 500 feedback points accumulated, fraudsters sometimes hijack seller accounts, commonly through phishing email scams.

In addition to using incorrect categories and listing expensive items for ludicrously low prices, there were other red flags with the Plasma TV listings. Fraudsters often include an email address at the top of the listing in a large font, hoping shoppers will send them emails directly. And in this instance, including the Ask Seller a Question form that requested shoppers fill it out and include their email addresses was another warning sign.

Upon filling out the non-eBay "Ask Seller a Question" form, users were directed to a website that appears to belong a legitimate company that offers "Web Form Handling Services." The service allows clients to place a form on their site, and when someone fills it out, the service forwards the information to the client - in this case, a suspected scammer.

Harvesting Email Addresses
What good are email addresses to scammers? In the first instance described above, they may be looking to "hire" sellers who think they are representatives of a legitimate company, but are actually participating in money laundering for the scammer, as described in this article from 2003 (http://www.auctionbytes.com/pages/abn/y03/m01/i29/s01).

In the second case, scammers may pose as legitimate eBay sellers of Plasma TVs (or other expensive items) and request the buyer send money to them via wire transfer (such as Wester Union), which is as good as sending cash.

eBay has been trying to limit scammers' ability to contact its buyers and sellers since as early as 2001, which is one of the reasons eBay instituted a message system that masks users' email addresses. Much eBay-related fraud takes place outside of the eBay system, and users who fall for off-eBay scams end up with no protection at all.