Back in December eBay had what many presumed was an automated bots gone wild situation with a massive wave of accounts being permanently suspended from the platform that inadvertently took down many legitimate accounts.
It's not uncommon to see these complaints about being banned after creating an account, but they do seem to come in waves and I'm definitely seeing more reports cropping up in the last week or so, along with reports of receiving errors when trying to complete eBay's verification process.
For almost 20 years, Nicola Morrison had enjoyed buying and selling small items on her favourite online marketplace.
But she was stunned when, out the blue, she received an email from eBay saying that her account had been suspended after it was deemed a “risk to the community”...
...Nicola was further dismayed when she was told that there was no way to appeal against the suspension.
It's also interesting to note several recent observed changes or explicit updates that may be related to account security on eBay.
Prevention, detection, mitigation and investigation of fraud, security breaches and other prohibited or unlawful activities, including the assessment of corresponding risks (e.g. through the use of captchas, a port enumeration technology to identify user sessions using remote desktop tools or the telephone number stored in your eBay account for risk assessments and two-factor authentication), unless there is a statutory obligation to this effect.
In the recent User Agreement update, eBay explicitly states users must agree to not share their log in credentials with any third parties, the first time I can remember eBay calling out Multi-User Account Access specifically as a security feature.
In connection with using or accessing our Services you agree to comply with this User Agreement, our policies, our terms, and all applicable laws, rules, and regulations, and you will not:...
...share your log in credentials with any third parties. If you require that authorized third parties (employees, agents, etc) have access to your account we offer a Multi-User Account Access program for that purpose.
And Twitter user, FidoMaster shared what appears to be eBay testing out a new session timeout feature which would require uses to log in again after a period of inactivity - a security feature that was rightly applauded.
While some of these security measures my lead to friction or annoyance for legitimate users, it's encouraging to see that someone at eBay at least seems to be waking up to the account takeover fraud that appears to be happening on the site.
I reported over 150 suspected hijacked accounts engaging in triangulation fraud to eBay back on 2020.
Multiple times a week, users identify and report compromised accounts being used to create thousands of fraudulent listings for cars as well as high end Rolex watches, trading cards, and more!
If eBay really is starting to take steps to address account security issues on the platform, I'm all for it. However, they're going to have to do a whole lot better than the broken verification links and AI powered dragnets that appear to be catching a lot of legitimate accounts in the crossfire with no clear way to appeal and recover banned accounts.