Scam Casts Doubt on EBay Security
Robert Beck suspended his distrust of online auctions last month and went for a top-of-the-line speaker system. He cast a winning bid of $1,900, paid by credit card and waited for his first EBay purchase.
The speakers never arrived.
Last week, detectives confirmed to the 25-year-old engineer that the sellers, an Arizona couple, had cashed out their bank account and fled town. The couple allegedly stole more than $100,000 from more than 500 bidders.
The case has cast suspicion on EBay Inc.'s anti-fraud software, which the San Jose-based company installed nearly a year ago to counter complaints about fly-by-night sellers.
Beck and other victims say the software -- which ostensibly gets better the longer it’s in use -- should have alerted EBay to cancel the auction long before hundreds of people parted with their money in a classic swindle.
“The red flags in this case were all over the place,” said Beck, a St. Louis resident who says he may sue EBay for negligence. “For EBay to say that the software works -- the principle of it makes me sick.”
EBay spokesman Kevin Pursglove said the company’s Fraud Automated Detection Engine, or FADE, was never meant as a panacea.
“The reality is that no single tool is going to be able to eliminate fraud in the offline world or the online world,” said Pursglove, who would not discuss specifics of the Arizona case. “We’ve been very honest with our users on this one: FADE will go a long way in terms of combating fraud, but it’s not going to be the end-all be-all.”
EBay maintains that less than one one-hundredth of 1% of all listings are fraudulent. But with 180 million items for sale in the fourth quarter of 2002, EBay could have hosted as many as 18,000 fraudulent auctions in the last three months of last year.
Chief Executive Meg Whitman introduced FADE at the annual shareholders meeting in June. She promised it would make “major strides” combating fraud.
The company also has forged closer ties to police officials, the U.S. Postal Service and international delivery services.
FADE collects data from defrauded customers, compiles it in a central database, then alerts EBay’s private fraud busters of new auctions that match patterns of known scams.
Red flags include unexpected changes in a seller’s behavior; a new user with large quantities of very expensive merchandise, particularly computers or other electronics; or an address linked to a country -- Eastern Europe tends to be suspect -- with a high incidence of EBay fraud, Whitman said during the shareholders meeting.
EBay reserves the right to cancel any suspicious auction -- ideally before users part with their cash.
Auction enthusiasts said they never expected FADE or any other tool to eliminate all fraud, but they question why the software couldn’t catch the Arizona suspects, whose actions caused alarm even among some novice users.
“This was like watching a car accident in slow motion,” said David Steiner, president of AuctionBytes.com, a watchdog group for EBay buyers and sellers. “You could see all the signs of what was going to happen....If it can’t catch this, FADE is almost laughable.”
In early January, the couple from Munds Park, Ariz., began auctioning DVDs for $5 to $10 each under the name “mylittle1s.” On a customer comment page, dozens of buyers praised the vendor for shipping products quickly.
About a month later, they switched from DVDs to more expensive electronics and invited more bids. But they also switched from a home address to a P.O. box and said items wouldn’t be shipped until weeks later.
Other warning signs began popping up even as the bidding continued and money flowed into their account: they stopped responding to e-mail, complaints poured in and mylittle1s’ feedback rating plummeted.
It was an EBay user from Santa Clara, Calif., who alerted authorities, calling Coconino County, Ariz., sheriff’s detective Bruce Cornish.
On March 4, Cornish went to the couple’s address -- a vacant, double-wide trailer a short drive south of Flagstaff.
Cornish identified them as Michael and Nancy Dreksler, who used online aliases Tony and Renee Boseli. He contacted EBay, which halted the couple’s auctions the next day.
Cornish says he suspects the Drekslers, who also are wanted in Arizona for forgery, fled to Colorado. So far, he has found 510 victims who lost a total of $104,644.
Andrew Maus, a computer programmer who never received a $1,000 Onkyo stereo receiver from mylittle1s, blames FADE. He said the software should have caught the rapid increase in the price of goods sold as well as the quick deterioration in the feedback rating and high volume of customer complaints.
“I can’t do business again with EBay until I get my money back,” said the 40-year-old from Charlotte, N.C. “After all I’ve learned, this could have been easily prevented.”
Computer scientists aren’t so sure.
Chris Welty, a researcher for IBM Watson Research Center in Hawthorne, N.Y., said anti-fraud software often lulls consumers into feeling secure, but the technology is notoriously fallible.
“Usually, these systems are there just to catch the most obvious stuff and bring it to people’s attention,” Welty said.
“Think of it as locking your car door. It’s not going to prevent a good car thief from stealing your car, but it’s going to protect you from some teenager walking down the street and taking it for a ride.”