Got this email from ebay which at first i thought was spam but read further and realized that it was a notice that my account had been hacked. I went to ebay.com and logged in and my password had been changed! I reset it and saw the same notice in my account page.
It doesn't add up, though.
* I'm firewalled behind software and hardware firewalls. No outbound traffic i dont specifically authorize.
* I'm pretty paranoid about security. The chance of a keylogger is pretty slim. My passwords aren't easy to guess.
* When you change your password on ebay, their system sends an email to the address listed and also sends you an 'alert' in your account details which cannot be removed for two weeks. How was someone able to access my account, change my ebay password, and then not have either an 'alert' show up in my account that my password had been changed OR an email sent to me?
* Let's say they changed my email temporarily so that i wouldn't get the email notice. Even if they had that information, i should have received an email saying that someone was changing it. Let's say they intercepted the notification email. That means they'd have to have BOTH my ebay AND my email password (which are different). AND they'd have to intercept and delete the confirmation email before my outlook client downloaded the email. Given that my outlook client runs 24/7 and downloads email every 2 minutes, the entire scenario seems highly improbable.
Sounds suspiciously like an inside job to me.
Anyone else experience this?
It doesn't add up, though.
* I'm firewalled behind software and hardware firewalls. No outbound traffic i dont specifically authorize.
* I'm pretty paranoid about security. The chance of a keylogger is pretty slim. My passwords aren't easy to guess.
* When you change your password on ebay, their system sends an email to the address listed and also sends you an 'alert' in your account details which cannot be removed for two weeks. How was someone able to access my account, change my ebay password, and then not have either an 'alert' show up in my account that my password had been changed OR an email sent to me?
* Let's say they changed my email temporarily so that i wouldn't get the email notice. Even if they had that information, i should have received an email saying that someone was changing it. Let's say they intercepted the notification email. That means they'd have to have BOTH my ebay AND my email password (which are different). AND they'd have to intercept and delete the confirmation email before my outlook client downloaded the email. Given that my outlook client runs 24/7 and downloads email every 2 minutes, the entire scenario seems highly improbable.
Sounds suspiciously like an inside job to me.
Anyone else experience this?