Today I decided to go look for laptop bags on eBay because I’m feeling rather cheap. I honestly, have used eBay only once in my life and that was about 3 or 4 years ago. I never really liked the idea of buying from people or places I’ve never heard off. Anyway I’m digressing… so I logged on to eBay today and found this bag that I liked. The auction still had another day to go before it ended so I decided to track the auction through the My eBay link at the top of the page. But instead of arriving at My eBay, I got this page asking for my credit card number because my account is registered with a free email account (Yahoo). I would have gladly given it to them if it weren’t for the fact that the page WAS NOT secure. I’m assuming so because the URL was using HTTP instead of HTTPS, and FireFox didn’t show that padlock symbol as you can see below.
Close up of non encrypted credit card page
I’m no big security expert but doesn’t the HTTPS protocol with the padlock means that it’s SSL encrypted and HTTP means and no padlock means it’s not?! Now even if I’m wrong you’ve got to admit that you wouldn’t enter your credit card info unless you see HTTPS and the padlock, right?! ugh. A lot of transactions go through eBay and it sucks to see that they aren’t making an effort to assure people that their data is safe with them.
C’mon, security and eBay is such an oxymoron it’s not even funny. eBay has tons of stuff about protecting yourself against phishing and identity theft you know but it becomes such a joke when they ask for your credit card number on a page that doesn’t look secure. Heck I even found an article from CNET way back in 2002 stating that “eBay does not automatically encrypt much of the data sent between customers’ computers and eBay’s servers” (link) I guess not much has changed.
I refuse to give them my credit card till I see that the credit card page is secure. Sure even if the page is secure someone could just hack into the database and steal my credit card number.. but I gotta draw the line somewhere. And speaking about refusing to give my credit card info, it seems like I couldn’t even send an email to customer support until I give them my card! How stupid is that!?
And all I wanted to do was buy a bag… oh and sleep early. I was supposed to get to bed at 11.30p and oh guess what.. it’s 1.39a.
March 31st, 2007 at 6:27 pm
Yeah, e-bay sucks. There’s SOO MUCH spamming and what not that goes on with that site. I really think they get a kick back or maybe it’s THEM doing the spamming!
April 1st, 2007 at 1:21 pm
yeah i saw an article on digg about (link). pretty lame!
and i spoke to account securities and they said the page is fake. i honestly don’t believe it and they’re just morons for not being able to come up with a better answer.