Had a person send me their number as an interested buyer and told me to text them. I did (first mistake), and we arranged a meetup time. Then they asked if, for their safety, they could send me a six digit code (some of you already know where this is going) that I could repeat back to them to verify myself.
I said, "absolutely!" And sure enough, I got a Google Voice verification number. lol
If you're not familiar with the scam, shady people will take your phone number and try to create a Google Voice account with it. If you provide them with the 6-digit code that Google sends you, they can "verify" that they are you, and then basically use your phone number to run scams, commit fraud, etc. It's nasty business.
I called them out, blocked them, then reported them to the marketplace website and to the FTC--though, almost certainly, they were using the phone number of another poor soul to carry this out.
I used to work as a social engineer, running phishing campaigns (ethically, with consent lol), against Fortune 1000 companies to assess their level of vulnerability. Luckily for me, I was super familiar with this, but most of the people I told about it have said, "Oh, I probably would have fallen for that...", and even I set myself up for it.
So that is why I'm posting this. Please be aware of sketchy shit like this. If someone is asking you for a verification code over SMS or email, tread with EXTREME caution. Also, it's usually pretty shady if a stranger you're already chatting with wants to move to a new platform. Not always, but if someone emails or messages you on Facebook to ask you to text them, that's a little weird. I'd had legitimate buyers/sellers do that, so it's not unheard of, but it should put you on guard.
If you buy/sell/trade online frequently, it's a good idea to use a dedicated MySudo number, VOIP number, and/or a burner phone for that.
Pinned #introduction
I'm British, after 27 years working in the NHS I now work in health and social care regulation.
I have a husband (married 31 years!) , an adult daughter, and two #dogs. One dog is a twat.
I share odd #news stories you might have missed, and strange #ebay finds.
I swear. I hashtag. #mastodog#dogsOfMastodon
What to do with things you do no longer need? Do you want to avoid using #eBay?
Check out the self-hosted flohmarkt (German for flea market) for the job, an ActivityPub-based federated small trade platform. With the active development being less than a year old, you should expect some unfinished touches, though, but it's ready to give it a try!
“Online retailer #eBay Inc., will pay a $3 million fine to resolve criminal charges over a harassment campaign waged by employees who sent live spiders, cockroaches and other disturbing items to the home of a Massachusetts couple, according to court papers filed Thursday.” #legal https://apnews.com/article/9ac2c35bcd4c87af181382c71d992343
That deranged harassment / stalking / obstruction scandal where #eBay Global #Security execs sent critics a box of live spiders, bloody pig mask, funeral wreath, & more
& harassed them on Twitter & staged a fake sex party at their house
& then 5+ of the eBay Security execs/employees have now been sentenced to prison...
was led by 2 long-time Santa Clara city Police Captains?
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #26/2023 is out! It includes, but not only:
➝ 🦠 🇺🇸 Schools say US teachers’ retirement fund was breached by #MOVEit hackers
➝ 🇨🇳 🇺🇸 Chinese spy #balloon did not collect information over US, #Pentagon says
➝ 🇨🇳 🦠 #TSMC Says Supplier Hacked After #Ransomware Group Claims Attack on Chip Giant
➝ 🇷🇺 Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks
➝ 🇷🇺 🛰️ Hackers attack Russian #satellite telecom provider, claim affiliation with #WagnerGroup
➝ 🇬🇧 ⚕️ More than a million #NHS patients’ details compromised after cyber attack
➝ 📊 🐛 #MITRE releases new list of top 25 most dangerous software #bugs
➝ 🇷🇺 Pro-Russia DDoSia hacktivist project sees 2,400% membership increase
➝ 💻 🛡️ #Brave Browser boosts privacy with new local resources restrictions
➝ 🦠 🏦 Anatsa Banking #Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland
➝ 🇺🇸 💵 White House releases cybersecurity budget priorities for FY 2025
➝ 🇺🇸 🇧🇷 8Base Ransomware Spikes in Activity, Threatens U.S. and Brazilian Businesses
➝ 🇬🇧 🔐 #Apple speaks out against bill that could mandate #CSAM scanning in iMessage
➝ 🇵🇭 2,700 People Tricked Into Working for Cybercrime Syndicates Rescued in #philippines
➝ 🇩🇪 ⚡️ #Siemens Energy confirms data breach after MOVEit data-theft attack
➝ 🕵🏻♂️ 📱 #LetMeSpy, a phone tracking app spying on thousands, says it was hacked
➝ 🦠 💰 Prominent #cryptocurrency exchange infected with previously unseen Mac #malware
➝ 🤖 📝 #LLMs and #IncidentResponse? It Starts with Summarization
➝ 🇺🇸 👨🏻🎓Hackers steal data of 45,000 New York City students in MOVEit breach
➝ 🇨🇦 ⛽️ Suncor Energy cyberattack impacts Petro-Canada gas stations
➝ 🦠 🕹️ Trojanized Super Mario Game Installer Spreads SupremeBot Malware
➝ 🇩🇪 💾 SSD missing from #SAP datacenter turns up on #eBay, sparking security investigation
Anybody out there #selfhosting on good used #server hardware? The kind you can find on eBay? My current rig is a Cisco ucs c220 that’s kinda awesome for the price. $600 4 years ago got me 32 cores, and 256G of RAM. Bare metal OS is xcp-ng (#Xen).
The problem? The server management software is FLASH (adobe flash) based. I don’t have a way to interact with it.
If you were building something this size and this budget today, what would you search for on #eBay? Feel free to boost.
Note to self.
When listing stuff for sale on #eBay I must remember they will take 14%. They'll also take 14% on the postage.
...and they'll pay no tax to the Australian Government #corporategreed#monopoly
Google's passkeys, introduced in 2022, have become a popular and secure alternative to traditional passwords, being used over 1 billion times across 400 million-plus Google accounts. These passkeys, which rely on fingerprints, face scans, or PINs for authentication, are faster and more resistant to phishing than passwords. Google plans to integrate passkeys into its Advanced Protection Program, enhancing security for high-risk users. Additionally, third-party password managers like Dashlane and 1Password can now support passkeys, further expanding their use. The technology is supported by major companies like eBay, Uber, PayPal, and Amazon, indicating a shift towards passkey-based authentication as a more secure and efficient method.
If an #ebay seller can't figure out how to use completed/sold auctions to set the price, and rejects offers based on that real-world price, just use the rest of your chances to send them $1 offers.
You were never going to get that item anyway, so might as well have fun with it.