Sopra Steria finds UK citizens want more secu... » London: Sopra Steria has revealed that UK citizens are keener than ever to use digital public servic... World’s top education experts to answer key q... » Education experts, Edtech entrepreneurs and an assortment of thinkers, analysts and administrators f... HAUD gives more value through its Traffic Audit ... » Singapore: HAUD has now established itself as a market leading SMS firewall provider, and through ex... 365squared launches 365analytics » Macau, China: 365squared introduced 365analytics to its portfolio of services. 365analytics is a rea... Checkpoint Systems deploys its EAS Solutions at ... » Checkpoint Systems has announced its partnership in implementing EAS pedestals and deactivation syst... Evander Direct wins commendation for uPVC window... » Evander Direct have been commended for their innovative uPVC cleaning process that dramatically help... Electrical Industries Charity to benefit from pr... » Thousands of pounds are set to be raised for good causes in the electrotechnical industry at the upc... Secure I.T. Environments achieves new internatio... » Data Centre World, London: Secure I.T. Environments Ltd has announced that it has achieved new inter... OKI upgrades wide format with new Teriostar Multif... » Egham: OKI Europe Ltd has launched two new wide format Teriostar multifunction printers designed to ... BSIA members push aggressively for cyber-security ... » BSIA members have pledged to lead the way in cyber-security education, Vigilance can report.

CLICK HERE TO

Talking Point Banner

eBay customers need to be extra cautious when accessing their account activity, personal information and stored messages. Research from Comparitech.com has found that many pages on the site, which require user input or contain their personal info, are not HTTPS encrypted.

 

While eBay does use HTTPS on its most critical pages, such as those where payment or address information is entered, it still lacks encryption on several sensitive pages. When customers send and receive messages from sellers, for example, their communications are not sent over a private channel. Not only could a hacker intercept and read messages, they could modify them in what’s known as a “man-in-the-middle” attack. This could lead to fraud or spam being sent from user accounts.

 eBay does not use HTTPS on its My eBay dashboard, nor on its business-to-customer message pages.

 As a result, private customer information and messages are not sent over private channels, thus the information is vulnerable to hackers.

 eBay's lack of encryption on these pages could be insufficient to meet data privacy standards, including the upcoming GDPR.

 A VPN can mitigate the risks that arise from the lack of HTTPS on these pages.