Spot The Scam: Fake Websites, Scraped eBay Listings Raise Red Flags
An old scam continues to proliferate across the internet as eBay sellers find their listing content scraped, stolen and used to prop up fake ecommerce websites collecting consumer credit card and personal information for nefarious purposes.
Many of my listings including listings by other stores on Ebay are showing up on this fraudulent website. thaiaktuell.com
My images have my handwritten tags and the descriptions for items are copied exactly. I sell only original paper collectibles and most of them are one of a kind. The store goes so far to allow you to buy multiple of items that I know this store doesn't have and selling them at lower prices to hook buyers.
I am filling out a report to Ebay. When I googled it on Reddit it had comments it was a total scam. Letting other Ebay members know.
Disclaimer: we do not recommend visiting any of these sites and definitely do not recommend attempting to purchase anything if you do!
Checking out thaiaktuell.com revealed a multitude of obvious red flag warning signs indicating this site is very likely operated by bad actors engaging in one or more forms of fraud.
All of the product data appears to be scraped directly from eBay - right down to the category structure, which in many cases includes eBay Motors.
Individual items often show watermarks from the legitimate sellers that you can use to track back and find the actual listing on eBay.
The fraud sites typically list the items at extremely discounted prices as the goal is likely to get access to credit card and personal identifiable information (PII) to use for further unauthorized charges and of course, they aren't really going to be shipping anything to the buyer any way, so cost of goods is not an issue.
Right clicking on the page and using browser tools to view the source information reveals even more suspicious activity as the keywords, description and title are often filled with nonsensical terms and phrases that are obviously meant to manipulate search engine results.
For example, this page has keywords for:
consumer electronic products manufacturers, coupon marketplace, pete the cat craft, russian doll man, how to add volunteer experience to linkedin, malaysian food near me, olive garden buena park, panera gift card promo....
When creating a website, it's very common to purchase a pre-made template to tweak to fit your design and needs, but most legitimate businesses will take the time to change the default logo to their actual business logo or name.
However, it appears the scammers have missed this important step in the design process, leaving the default theme name/logo in place.
That green text in the upper right that says "Organic" clearly points to this site using the "Organic" template for Woocommerce stores created by MartFury.
The address posted for contact information also does not bring up any direct results on Google Maps and "about" or "contact" page language (not product data scraped from somewhere else) is often in broken English.
And despite the attempts to appear like a US-based company, checking Whois data reveals the domain is registered in China, ironically through Alibaba Cloud Computing.
Further searching for "Adonais Way" in Norcross, Georgia led to another similar site showing many of the same red flags - redaa.shop .
Again, they were too lazy to change the logo on the template, in this case using the Umino theme for Shopify.
The categories also include eBay Motors, all the product data is clearly scraped from the site with prices being extremely discounted, and checking the page source data shows more keyword stuffing spam.
The Whois search shows this site is also registered in China and the "about us" section contains more broken English/odd phrasing.
This site also provided another breadcrumb to follow - company name.
A Google search for "Staplees Inc" uncovered some very troubling Better Business Bureau reports.
This company is spoofing my **** listings, showing them on their website for 50% off. I emailed them to remove the listings and of course no response. I can almost guarantee that this is a fake company with fake address. They also have ******* ****************
I ordered a MacBook air from this company in July. I followed the order thru their tracking page all the to the date that it shows delivered to my door. I never received any product from them. I have reached out to them 7 times in the past 3 weeks and have yet to get any reply from them at all.
Most shockingly, Google shows many results matching the exact same patterns and red flags. We stopped counting at 100 but with over 3,000 results just for this explicit search alone, the size and scope of this fraud is clearly quite large and far-reaching.
Some instances show they are also scraping eBay's other markets, including eBay.de, to create sites like animalmed.shop, which shows a mix of German and English product data, is obviously using the Devita theme, and the Whois search also shows it is registered in China.
If any of this sounds familiar, similar fraudulent sites that scrape eBay listings have been around for years, with many reports posted in eBay's own community forums.
For example, this community post from November 2017 called out multiple sites using a .top domain that were engaging in this type of fraudulent activity.
Have you guys run into finding your items are listed on the following websites? I ran into this website today as I was searching for my item on google search.
Wellclosets.top
specialcabinets.topThe items are not listed in the same price but uses the as my eBay listing title and pictures!!!! I have since ended my eBay listing item to avoid any scam.
EcommerceBytes published a letter to the editor referencing one of these sites in April of 2018 as well.
Here is a new internet scam I just came across. They got me! Site is wellclosets.top
They appear to have taken eBay listings and put them on their site with impossibly low prices. I bought one, paid with a debit card and a few minutes later had an email from the bank about fraudulent charges.
There were two charges attempted from China, one successfully, one declined. Probably within minutes, or seconds, of when I submitted my info. At least some of their ads are directly from eBay.
They get the payment info, then use it elsewhere. No charges have appeared from Wellclosets.top.
Take a look at their site, they even have a category for eBay Motors listed! I reported it to eBay, also my bank.
A frequent commenter at the time, Fidomaster (aka unsuckEBAY), provided an insightful list of major red flags observed on that site - many of which notably match the currently active sites we are seeing today.
When another frequent poster posed questions about why eBay couldn't/wouldn't see all of those obvious red flags, Fidomaster called out CEO Devin Wenig and other members of the executive leadership team, as well as Senior Director Global Security Jim Baugh, for the lackadaisical response to an obviously serious security issue.
Little did anyone know just how closely eBay was monitoring comments such as these at the time, but the world found out when Baugh and 6 other members of eBay's security operations were charged with multiple federal felonies in the 2019 cyberstalking scandal that sought to influence EcommerceBytes' reporting through harassment, intimidation, and a "White Knight Strategy" designed to try to unmask Fidomaster/unsuckEBAY.
The bizarre corporate plot included disturbing deliveries of live insects, bloody pig masks and funeral wreaths as well as threatening messages, doxxing, and ultimately in-person stalking and an attempted break-in with the (thankfully unsuccessful) goal of installing a GPS tracking on the victims' vehicle.
Baugh, Director of Global Resiliency David Harville, Security Manager Philip Cooke, Senior Manager of Global Intelligence Stephanie Popp, Global Intelligence Manager Stephanie Stockwell and a contracted security analyst Veronica Zea all pleaded guilty and have been sentenced for their roles in the crimes.
A seventh defendant, Senior Manager of Special Operations Brian Gilbert, also pleaded guilty but has had his sentencing postponed due to being diagnosed with colorectal cancer.
Ina and David Steiner (EcommerceBytes) have also filed a civil case against the criminal defendants plus Wenig, ex-Communications Chief Steve Wymer, ex-SVP Global Operations Wendy Jones, eBay Inc. and security company Progressive F.O.R.C.E Concepts - alleging communications from the very top of the c-suite directed and egged on the harassment.
Documents provided by the US Attorney's Office confirm in the Spring of 2019 Wenig(Executive 1), Wymer (Executive 2), and Jones (Executive 3) tasked Baugh with devising a plan to curtail perceived critical coverage of eBay and investigating the unsuckEBAY/Fidomaster Twitter account.
The executives were particularly annoyed by EcommerceBytes' reporting on mass layoffs and a management shakeup in 2018, an article about Wenig's oversized compensation package (earning 152 times the average eBay employee at the time) in April 2019 and revelations that Wenig had built a replica of his favorite New York bar on eBay's corporate campus - Walker's West, which was later renamed The Sellar and is still in operation today.
By the spring of 2019, an anonymous internet user known variously as "Fidomaster", "Dan Davis", and "unsuckebay" (hereinafter "Fidomaster") had also become a source of frustration to Executive 1, Executive 2, Baugh, and others at eBay.
On February 22, 2019, for example, a communications employee asked Baugh and Popp to "dig up some intel" on Fidomaster, noting "He's been relentlessly trolling eBay and [Executive 1] on twitter .... "
At Executive 2's direction, Baugh caused the GIC to prepare a report concerning Fidomaster. The March 2019 report concluded that Fidomaster was an "anonymous twitter user that posts negative content about eBay and its senior leadership." It also asserted that "Fidomaster" communicated with Ina Steiner about issues pertaining to eBay, noting "Steiner and eCommerceBytes are known for publishing negative content about eBay and its executives."...
...On or about May 21, 2019, EcommerceBytes published an article entitled, "Did You Know eBay Built a Lavish NYC Pub-Style Lounge?" The article reported that Executive 1 had commissioned the construction of a pub--Walker's West-on eBay's corporate campus, modelling it after a New York City bar. The article contained links to a contractor's website,which featured pictures of the project and a description of the pub.
Baugh alerted Executive 3 to the article by email that night, with the subject "Fwd:> Ina Steiner - Walker's West."
On May 22, 2019, at 9:10 a.m. (PDT), Executive 3 forwarded Baugh's email to Executive 2 and an eBay facilities employee, asking, of the contractor, "Why in the world would they think it's ok to do this and with this level of color???" eBay directed the contractor to take down its website. Executive 3, copying Executive 2 and Baugh, later emailed, "this is ridiculous and has caused serious problems."
Within hours, Executive 2 contacted a public relations consultant about the
Walker's West article. Executive 2 wrote: "I'm just no longer accepting 'ignore' as a broader > strategy and want to fight back. Look forward to talking ASAP to get your assessment of how to > do that most [e]ffectively."
Thereafter, eBay communications employees sent information to the consultant about the Steiners, including their buying-selling history on eBay and the perspectives of eBay employees who knew them.
eBay has been found criminally liable in connection to the cyberstalking events, and agreed to pay a penalty of $3 million plus undergo 3 years of independent compliance monitoring as part of a deal to defer further prosecution.
Just imagine if the "creativity" and resources that were used to target journalists and perceived critics of the company had instead been turned to addressing serious security and safety issues, including site scrapers and all manner of other fraud and scams perpetrated on or facilitated through the platform.
As Fidomaster/unsuckEBAY pointed out back in 2018, countless brand management and security solutions exist to help proactively fight this type of threat and not only should eBay have a security interest in protecting their brand and consumers - they're also potentially losing GMV to these fraudsters too.
While law enforcement at federal and international levels may shoulder the brunt of the burden for tracking down, investigating, prosecuting and shutting down cyber crime and scams, eBay also has significant responsibilities to stakeholders when it comes to brand protection and fiduciary duties.
If Chief Information Security Officer Sean Embry (who has been in this role since 2015) is unwilling or unable to take this issue seriously and undertake meaningful corrective action, hopefully eBay's new Chief Compliance and Risk Officer Ryan Jones will.