
eBay vehicle giveaway! scam or flawed business model?

royfellows

Well-known member
Take a look at this!
Loads of vehicles all at giveaway prices, no apparent reserve and all with the same description:

"In immaculate Condition through out
Recently Serviced"

There is a Rolls Royce Silver Shadow, an obvious restoration project from the photo, paint peeling, rust, etc, but described as above
Trading standards will have a field day and the cars' owners, they are not his cars, will probably form a lynch mob

https://www.ebay.co.uk/sch/steveleobay/m.html?item=115259668299&rt=nc&_trksid=p2047675.m3561.l2562
 

ali_mac

Member
Well known e-bay scam. 

The scammers hijack a legitimate account, usually one that has been abandoned for a long time, but has a history of sales & good feedback, as well as a legitimate address with it. 
They then post a slew of vehicle ads at below market price, stating they are selling on behalf of someone else. 
The ads always say you can only contact them through the mobile number or email address, not e-bay. 

If you do a reverse image search on a listing photo, you will often find the image on a car enthusiasts forum, although I've searched a few of this user's, and they are not coming up with results, so maybe they are putting more effort in, and using pictures they took themselves now...

The usual adage applies - if it looks too good to be true, it probably is. 

Edit, here is an example that jumped out at me, because the photo is stolen from a well known legitimate classic motorcycle dealer:

https://www.ebay.co.uk/itm/115259668482?hash=item1ad602f802:g:I8UAAOSwZ49iEi0W
https://www.gumtree.com/p/triumph-motorbikes/1961-triumph-t110-650-classic-vintage-with-750cc-barrels-68-bonneville-head./1371939409
 

Cantclimbtom

Well-known member
When you look at his eBay shop and the recent feedback you have several different people saying "Good buyer, prompt payment, valued customer, highly recommended" must be a coincidence that they use the exact same phrase, and they are all as a buyer (not seller), he only has 6 as a seller and that's back in 2004-2010.

A lot looks fishy, even if the items added up. Maybe it's a hacked dormant account?
 

royfellows

Well-known member
Interesting. Believe it or not, this is new to me. As everyone knows, I am honest even about my own shortcomings.

OK, so how does the scam work.
A fake on line sale, deposit up front?

I bought my present car without seeing it in the flesh until I collected it, I had paid for it with my debit card as it was just under the 10K limit. However, it was from the Northampton Skoda main dealer. Good people to deal with, recommended.
The sales lady told me it was the first time anyone had bought a car like that, I simply said "watch this space". An accurate premonition.
 

Speleofish

Active member
The first thing I noticed is that the cars are all photographed against different backgrounds, suggesting he's lifted the images from somewhere else (or gone around photographing random vehicles - and the selection is very, very random...)
 

ali_mac

Member
https://www.valueaddedresource.net/ebay-car-scams/ 

This has a little information, but not enough to draw a solid conclusion as to their aims, like you say though, probably deposit fraud...
 

royfellows

Well-known member
Just thinking a bit more. I asked myself how people's accounts can be hacked, and then immediately occurred the answer to my own question. Password = "password", "123456" etc

off thread, but it's a bit like WiFi. People secure their WiFi but don't secure their router.

address = 192.168.0.1, password = "password". Yes the IP address is the address for most routers, and a lot of routers distributed by providers such as Virgin are the Netgear DG834, the default password is "password".
 

Cantclimbtom

Well-known member
This is a big digression but even if you had a WiFi password like A3e44zF0p it's not very secure. For example WPA2-psk..

In all WiFi there's a deauth packet that kicks a node off a network (disassociate) and it's not authenticated so you can just send some to a node if you want, and kick it off its network (or the broadcast address of the network to deny service). The first thing it'll do is to reauthenticate. You can listen and collect a bunch of these authentication handshakes and use them to break/recover the WiFi password. All this is public knowledge. It is a bit fiddly when first practicing but after maybe 20 mins practice you'll find it straightforward to inspect networks, see what nodes are there and deny a node or network as you wish. Spoofing a MAC obscures your tracks especially if you use the Mac of an existing node on their network. Airmon (to put nic in promiscuous mode and monitor networks etc) and Aircrack-ng (to send deauth and collect handshakes) are simple tools and well documented.

All the stuff above is common knowledge and requires little skill, you can just Google it and follow instructions. That's the problem. You don't have to be particularly skilled to do this stuff. In my opinion people should be aware of this. Just like people should be aware of physical things like bumping and snapping of door locks so you can install good locks to prevent some scumbag burgling your house by those methods. IMHO you should be aware that WiFi isn't particularly secure either in its design, and act accordingly.

Agree there's too many admin/admin admin/password administrator/12345 routers out there too
 

royfellows

Well-known member
Yes.
My system here is what you would call "Small office" with multiple desktop machines and all hard wired to Ethernet standard. I don't use WiFi, and neither does any business office where they use an IT professional.

 

PeteHall

Moderator
I believe there are two main ways that people obtain access to someone else's account (note that I haven't used the word hack).
1. Create a fake login page that looks like the real thing, direct the victim to it (via phishing email) and harvest their login details when they try to log in.
2. Sign up victim to "prize draw" or similar, with email address and password required to create account, then try this email address and password combination elsewhere (eg the email account) as many people use the same password for everything.

The strongest password is perhaps a new password, not necessarily a strong one.

As to selling a car with £1 start and no reserve (rather than the scam in question), this is actually a pretty good sales tactic and I've used this many times to get a price at the top end of market value. My logic is that there's always someone out there who will buy a car for a quid. Someone else will give you a tenner etc. So by the time you're up close to market value, the car has a lot of bids on it. It looks like people are fighting for it and that reassures others that it must be a good one. By the time someone's bid low, they've got skin in the game, so they are more likely to keep bidding, even if they might not have bid in the first place if they hadn't thought they'd get a bargain.
Compare this to listing a car as a classified ad for a fair price and you'll end up haggled down, or list at a higher price and you'll get no interest at all.
 

Cantclimbtom

Well-known member
royfellows said:
Yes.
My system here is what you would call "Small office" with multiple desktop machines and all hard wired to Ethernet standard. I don't use WiFi, and neither does any business office where they use an IT professional.
I agree. Click a cable, job done, no faff, fast reliable secure. But our opinion is far from normal these days. Few people question WiFi. A lot of business laptops no longer have an RJ45 socket for example

A big way people have accounts compromised is they use the same password in multiple places. They sign up to all sorts of things with email and password. One place will be awful and weakly protect the password (like stored as an unsalted MD5 hash or something terrible). Someone hacks and steals the password database, uses John the Ripper to break all the easy passwords out of it (probably half of them), they then have a big database of emails and passwords which they sell. Someone buys the list and tries it on eBay or wherever and after working through the list for a while they'll get lucky. If they can get access to email (harder these days... *if* people use MFA) they can use the email to recover a "lost" password to eBay or whatever. Given the lists are freely bought and sold this is probably the main route for opportunist hackers with the "prize draw" scenario coming in second place.
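
An added example, not part of the post above: the storage weakness it mentions, shown from the site operator's side. Unsalted MD5 gives every user with the same password the same stored value, while a per-user random salt with a slow key-derivation function (PBKDF2 here) does not. The account names, passwords and iteration count are constructed assumptions.

```python
import hashlib
import hmac
import os

# Constructed sample accounts: two users happen to share a password.
ACCOUNTS = [
    ("alice@example.com", "password"),
    ("bob@example.com", "password"),
    ("carol@example.com", "correct horse battery"),
]

PBKDF2_ITERATIONS = 600_000  # assumption: tune to your own hardware budget


def md5_record(password):
    """The weak scheme named in the post: unsalted, fast MD5."""
    return hashlib.md5(password.encode()).hexdigest()


def pbkdf2_record(password, salt=None):
    """Hardened scheme: fresh 16-byte salt per user plus a slow KDF."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), salt, PBKDF2_ITERATIONS
    )
    return salt, digest


def verify(password, salt, expected):
    """Recompute with the stored salt; compare in constant time."""
    _, digest = pbkdf2_record(password, salt)
    return hmac.compare_digest(digest, expected)


def shared_records(records):
    """Group users whose stored value is identical (a reuse leak)."""
    groups = {}
    for user, stored in records:
        groups.setdefault(stored, []).append(user)
    return [users for users in groups.values() if len(users) > 1]


if __name__ == "__main__":
    weak = [(u, md5_record(p)) for u, p in ACCOUNTS]
    strong = [(u, pbkdf2_record(p)) for u, p in ACCOUNTS]
    print("identical MD5 records:", shared_records(weak))
    print("identical salted records:", shared_records(strong))
```
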
 

royfellows

Well-known member
Interesting comments. I am surprised about laptops not having an RJ45.

I have been out of the game now for quite a few years. My business career is very odd. Probably a bit like me myself!
I was in the car trade for years. I made a bit of money early on and got a job at a large motor garage just cleaning the second hand cars to get some thinking time.
I became aware of the way trade ins were sold on to the trade and started buying and selling a few myself. This worked out well so I quit, bought a house with a yard at the back, and went my own way.
I then moved my operations to a site in Walsall and was there for years. Later in my life I got in on the cheap car hire boom of the 70s inflation years. Went back to sales and had my own finance company to sell the cars.

The trade went sour and my wife died in 1998 so I got out. I had become interested in computer science and had been learning in my spare time so got in on that, but never made any real money.
I wrote bespoke software but missed the point that you need a lot of support staff and a technology park address to be successful. I soldiered on until my late 60s and then packed that in.
I now live on my own.
The ups and downs can be one of the things that make life interesting, the trick is to regard the downs as a challenge and meet it. Way off thread, but who cares.
:LOL:
 

wellyjen

Well-known member
The lack of RJ45 ports on laptops is down to gadget thinness becoming something emphasised in the marketing. There is a minimum thickness that you just can't go below and still accept a standard plug. Plus, it removes a component, cost and extra assembly when making a laptop. Other ports are steadily disappearing too.
This is being posted via an RJ45 port though.  :)
 

Cantclimbtom

Well-known member
Very sorry to hear about your Wife Roy.

There's a cunning design you see on Lenovo, Dell and some others where the laptop body is thinner than RJ45 and so the port is "too thin", but you can hinge/flip down to accept the plug https://1.img-dpreview.com/files/p/TS1120x1120~forums/59371721/f0aa2e5238734c6ead1706c6c7c4114d so I think it's cost saving to drop a port, the manufacturers claim that consumers don't want/use the port these days

1998, you moved into IT at the same time as me. Very much the right place but at least 3 years the wrong time to rake in the big bucks. At least not unless you move into security -- at least half of which has gradually shifted into being another facet of IT. There's just not enough people to cover the work.
 