Ebay/Paypal Fraud Experience
supercoin
Posts: 2,323 ✭
I recently "bought" some expensive computer equipment on eBay and ran into some fraud that would apply equally well to coins, thought I'd share it.
I discovered an auction for a good (but not too-good-to-be-true good) price, a 1-day listing, with a "buy-it-now" price that requires immediate payment (i.e. you have to enter your Paypal information to bid).
The seller had flawless feedback, and was selling other items at the same time, so it all looked good.
I bid, and paid.
I received a winning bid confirmation from eBay, and a payment confirmation from Paypal. The e-mail address of the Paypal recipient didn't match that of the eBay auction, but no big deal. You can have multiple e-mail addresses registered with Paypal.
So I e-mailed the seller to ask when and by what method he would ship, and to please send me a tracking number. I received a vague and grammatically incorrect e-mail from an e-mail address that didn't match the eBay account. So now I have three e-mail address. Still, nothing particularly out of the ordinary from previous experiences I've had.
However, luckily at the same time I had a problem with another seller, which put me on higher guard than usual.
First I tried to make sure that the person I Paypal'ed the money to was the seller. There is no straightforward way to do this. What I ended up doing was going most of the way through the process of sending $1.00 to the eBay seller, and then viewing his Paypal feedback number right before confirming payment. Then the same thing with who I had already sent Paypal payment to. They were different.
Now I'm worried.
I requested the seller's contact information from eBay and phoned him. Sure enough, he knew nothing about the auction.
I attempt to contact Paypal and eBay immediately. There is actually a phone number for Paypal these days. I explained the situation, and told them that they should immediately freeze the Paypal recipient's account, that it was unquestioned fraud. They said I have to file a fraud report online. Ok, I say, but freeze that damn account in the meantime. They wouldn't do it.
They also would not give me a phone number for eBay, and in fact claimed if they want to contact eBay's fraud department, they have to use the same online form that I do on eBay.
So... I file a fraud report with Paypal online. And inform eBay via their web page.
Various other back-and-forth... and soon after the Paypal recipient has refunded my money. Included is a comment from the recipient. The writing style reminds me of the original thief.
I have the name and e-mail of the recipient (but no other contact info -- Paypal won't give it to you despite the fact that you've just sent $1000 to the wrong person). I note that the name sounds like it belongs to a grandmotherly type, and call me a profiler but... I don't think a grandma would be scamming on eBay selling computer equipment. So, I figure, the thief has probably hijacked her account as well. I e-mail grandma to warn her, and... the e-mail bounces. This makes my suspicion almost a certainty, but I have no way to contact her.
So, I e-mail Paypal once again and say YOU MUST CALL THIS WOMAN, but as far as I know, they took no action (I never heard back, anyway).
Unraveling it all, here's what I believe happened:
- Thief guessed password for legit seller's eBay account. Seller (naively) used same password for his e-mail.
- Thief listed bogus auction, capitalizing on seller's good feedback. Thief checked seller's e-mail and deleted any e-mails from eBay or msyelf in reference to the auction.
- In the auction, thief directed payment to grandma's Paypal account, which he also controlled. From there, he planned to launder the money.
- I (luckily) busted him, and he refunded the Paypal payment in the hopes of deflecting attention and maintaining control over grandma's Paypal account. And for all I know, succeeded in that regard.
Here are the things that really tick me off (besides the thief):
- Ebay allows you to create an auction with buy-it-now immediate-payment-required WITHOUT requiring that payment go to the same e-mail address as that registered on eBay! This is unbelievably stupid, and there is no legitimate reason to allow it. A seller can always add their eBay e-mail address to their Paypal account.
- Ebay does not have a fraud-emergency hotline, an 800 number in big red letters, that you can freakin' call when time is of the essence.
- Paypal would not freeze the recipient's account while my fraud complaint was pending. Despite the fact that they could easily verify (in conjunction with eBay, who freakin' owns them) that the money did not go to the eBay account holder.
- Paypal will not give you contact information for someone you just (incorrectly) sent hundreds of dollars to.
- Ebay will not give you contact information for a seller unless you are an active bidder in their auction. With a buy-it-now only auction, there is no way to be an active bidder without winning the item. And with immediate payment required, it's worse. You have no way to phone the guy until after you have sent payment.
- Paypal and eBay showed no inclination to follow-up busting the perp(s) after I got my money back. I can't follow-up without their help, as the only direct link I have to the thief is a hotmail e-mail account name.
I was LUCKY. The thief refunded my money in hopes his illicit account access would live for another day. Otherwise Paypal would only ATTEMPT to get my money back if there was no response (with evidence of shipment) from the recipient. By when, of course, the money will be long gone, because they wouldn't freeze the account in the meantime.
The only reason I was not in a total panic is this:
1. I am careful to fund Paypal payments with a CREDIT CARD, not a bank account. This is not the default option, and Paypal makes you jump through a hoop to change it.
2. I have a separate checking account that is used only for Paypal and other online transactions. I keep only a minimal ($10) balance in this account, immediately transferring out any excess.
So if my Paypal payment hadn't been refunded, I would have denied the charge with my credit card issuer and let them squawk. Paypal would try to recover the money from my checking account only to find that I don't keep any in there. At which point they'd probably cancel my Paypal account, but at least I'd have my money, and frankly I'm not sure I care to support them until they fix some of their security issues.
Ditto regarding my current feelings towards eBay. At the same time, I was purchasing another of this same piece of equipment from another seller. He hadn't e-mailed me a tracking number when requested, and I was gunshy from the fraudulent transaction, so... I requested his contact information from eBay and discovered an obviously phony phone number.
I immediately filed reports with Paypal and eBay... eventual resolution being that I received used equipment (auction said new in box), and left with little recourse (eBay NARU'ed them for false contact information).
In this case, eBay performed not even the SIMPLEST of verification on the seller's contact information before allowing him to sell equipment worth $1000. Instead they waited until I ran into a problem, then removed his account out after I had already sent payment, thereby pretty much insuring that I would not be able to resolve anything with him. (I ended up just keeping the used equipment to cut my losses.)
The saga continues...
A few days later I saw this same piece of equipment being sold under what was to me suspicious circumstances. I stuck my nose in others' business and contacted the buyers (three separate ones), and sure enough it turned out the seller's account (an eldery woman who had never sold ANYTHING on ebay, only purchased things) had her account hijacked. In this case, buyer's were asked to send money orders only to a different address. One of the buyers I contacted had already sent payment, but may be able to stop payment on his bank check. So hopefully I kept $3000 out of the hands of thieves.
One of those same defrauded buyers told me he had already been burned by the same scam that I was (immediate Paypal payment required)... and in fact the auction used the same photo. He has not recovered his $1000 from Paypal as of a month later, and Paypal closed his account. Which again leads me to believe eBay/Paypal isn't really following up on rooting out the fraudsters.
Yecch...
Summary to (help) protect yourself:
- Do not send payment for anything expensive without contacting seller by phone first. Unfortunately, you must bid on an item before requesting contact info. So you must completely avoid auctions that have only a buy-it-now with immediate payment required.
- Do not send a money order or other unrecoverable funds for anything expensive.
- If using Paypal, be SURE you are paying with a credit card.
- Do not link your Paypal account to your main bank account. Set up a separate bank account and keep only a minimal balance.
And perhaps most importantly... when the same item is available off eBay from a reputable merchant at a higher price, suck it up, pay the extra money, and sleep at night.
I discovered an auction for a good (but not too-good-to-be-true good) price, a 1-day listing, with a "buy-it-now" price that requires immediate payment (i.e. you have to enter your Paypal information to bid).
The seller had flawless feedback, and was selling other items at the same time, so it all looked good.
I bid, and paid.
I received a winning bid confirmation from eBay, and a payment confirmation from Paypal. The e-mail address of the Paypal recipient didn't match that of the eBay auction, but no big deal. You can have multiple e-mail addresses registered with Paypal.
So I e-mailed the seller to ask when and by what method he would ship, and to please send me a tracking number. I received a vague and grammatically incorrect e-mail from an e-mail address that didn't match the eBay account. So now I have three e-mail address. Still, nothing particularly out of the ordinary from previous experiences I've had.
However, luckily at the same time I had a problem with another seller, which put me on higher guard than usual.
First I tried to make sure that the person I Paypal'ed the money to was the seller. There is no straightforward way to do this. What I ended up doing was going most of the way through the process of sending $1.00 to the eBay seller, and then viewing his Paypal feedback number right before confirming payment. Then the same thing with who I had already sent Paypal payment to. They were different.
Now I'm worried.
I requested the seller's contact information from eBay and phoned him. Sure enough, he knew nothing about the auction.
I attempt to contact Paypal and eBay immediately. There is actually a phone number for Paypal these days. I explained the situation, and told them that they should immediately freeze the Paypal recipient's account, that it was unquestioned fraud. They said I have to file a fraud report online. Ok, I say, but freeze that damn account in the meantime. They wouldn't do it.
They also would not give me a phone number for eBay, and in fact claimed if they want to contact eBay's fraud department, they have to use the same online form that I do on eBay.
So... I file a fraud report with Paypal online. And inform eBay via their web page.
Various other back-and-forth... and soon after the Paypal recipient has refunded my money. Included is a comment from the recipient. The writing style reminds me of the original thief.
I have the name and e-mail of the recipient (but no other contact info -- Paypal won't give it to you despite the fact that you've just sent $1000 to the wrong person). I note that the name sounds like it belongs to a grandmotherly type, and call me a profiler but... I don't think a grandma would be scamming on eBay selling computer equipment. So, I figure, the thief has probably hijacked her account as well. I e-mail grandma to warn her, and... the e-mail bounces. This makes my suspicion almost a certainty, but I have no way to contact her.
So, I e-mail Paypal once again and say YOU MUST CALL THIS WOMAN, but as far as I know, they took no action (I never heard back, anyway).
Unraveling it all, here's what I believe happened:
- Thief guessed password for legit seller's eBay account. Seller (naively) used same password for his e-mail.
- Thief listed bogus auction, capitalizing on seller's good feedback. Thief checked seller's e-mail and deleted any e-mails from eBay or msyelf in reference to the auction.
- In the auction, thief directed payment to grandma's Paypal account, which he also controlled. From there, he planned to launder the money.
- I (luckily) busted him, and he refunded the Paypal payment in the hopes of deflecting attention and maintaining control over grandma's Paypal account. And for all I know, succeeded in that regard.
Here are the things that really tick me off (besides the thief):
- Ebay allows you to create an auction with buy-it-now immediate-payment-required WITHOUT requiring that payment go to the same e-mail address as that registered on eBay! This is unbelievably stupid, and there is no legitimate reason to allow it. A seller can always add their eBay e-mail address to their Paypal account.
- Ebay does not have a fraud-emergency hotline, an 800 number in big red letters, that you can freakin' call when time is of the essence.
- Paypal would not freeze the recipient's account while my fraud complaint was pending. Despite the fact that they could easily verify (in conjunction with eBay, who freakin' owns them) that the money did not go to the eBay account holder.
- Paypal will not give you contact information for someone you just (incorrectly) sent hundreds of dollars to.
- Ebay will not give you contact information for a seller unless you are an active bidder in their auction. With a buy-it-now only auction, there is no way to be an active bidder without winning the item. And with immediate payment required, it's worse. You have no way to phone the guy until after you have sent payment.
- Paypal and eBay showed no inclination to follow-up busting the perp(s) after I got my money back. I can't follow-up without their help, as the only direct link I have to the thief is a hotmail e-mail account name.
I was LUCKY. The thief refunded my money in hopes his illicit account access would live for another day. Otherwise Paypal would only ATTEMPT to get my money back if there was no response (with evidence of shipment) from the recipient. By when, of course, the money will be long gone, because they wouldn't freeze the account in the meantime.
The only reason I was not in a total panic is this:
1. I am careful to fund Paypal payments with a CREDIT CARD, not a bank account. This is not the default option, and Paypal makes you jump through a hoop to change it.
2. I have a separate checking account that is used only for Paypal and other online transactions. I keep only a minimal ($10) balance in this account, immediately transferring out any excess.
So if my Paypal payment hadn't been refunded, I would have denied the charge with my credit card issuer and let them squawk. Paypal would try to recover the money from my checking account only to find that I don't keep any in there. At which point they'd probably cancel my Paypal account, but at least I'd have my money, and frankly I'm not sure I care to support them until they fix some of their security issues.
Ditto regarding my current feelings towards eBay. At the same time, I was purchasing another of this same piece of equipment from another seller. He hadn't e-mailed me a tracking number when requested, and I was gunshy from the fraudulent transaction, so... I requested his contact information from eBay and discovered an obviously phony phone number.
I immediately filed reports with Paypal and eBay... eventual resolution being that I received used equipment (auction said new in box), and left with little recourse (eBay NARU'ed them for false contact information).
In this case, eBay performed not even the SIMPLEST of verification on the seller's contact information before allowing him to sell equipment worth $1000. Instead they waited until I ran into a problem, then removed his account out after I had already sent payment, thereby pretty much insuring that I would not be able to resolve anything with him. (I ended up just keeping the used equipment to cut my losses.)
The saga continues...
A few days later I saw this same piece of equipment being sold under what was to me suspicious circumstances. I stuck my nose in others' business and contacted the buyers (three separate ones), and sure enough it turned out the seller's account (an eldery woman who had never sold ANYTHING on ebay, only purchased things) had her account hijacked. In this case, buyer's were asked to send money orders only to a different address. One of the buyers I contacted had already sent payment, but may be able to stop payment on his bank check. So hopefully I kept $3000 out of the hands of thieves.
One of those same defrauded buyers told me he had already been burned by the same scam that I was (immediate Paypal payment required)... and in fact the auction used the same photo. He has not recovered his $1000 from Paypal as of a month later, and Paypal closed his account. Which again leads me to believe eBay/Paypal isn't really following up on rooting out the fraudsters.
Yecch...
Summary to (help) protect yourself:
- Do not send payment for anything expensive without contacting seller by phone first. Unfortunately, you must bid on an item before requesting contact info. So you must completely avoid auctions that have only a buy-it-now with immediate payment required.
- Do not send a money order or other unrecoverable funds for anything expensive.
- If using Paypal, be SURE you are paying with a credit card.
- Do not link your Paypal account to your main bank account. Set up a separate bank account and keep only a minimal balance.
And perhaps most importantly... when the same item is available off eBay from a reputable merchant at a higher price, suck it up, pay the extra money, and sleep at night.
0
Comments
I do have one question... you said
<< <i> Ebay will not give you contact information for a seller unless you are an active bidder in their auction. With a buy-it-now only auction, there is no way to be an active bidder without winning the item >>
So Ebay wont give you the contact information AFTER you have won the item through "Buy It Now" but BEFORE you have paid for it? If that is the case, that's even worse than some of their other (bad) policies. It makes no sense to me that you can get contact information if you are a current high bidder but not if you happen to be a winning bidder who hasn't paid yet.
<< <i>So Ebay wont give you the contact information AFTER you have won the item through "Buy It Now" but BEFORE you have paid for it? >>
On a regular buy it now auction yes they will. In the case that Supercoin was relating there was also an immediate payment requirement as well so the only way to win the "Buy it now" auction was to go ahead and pay for it. By that time it is then too late to get get contact information.
A site dedicated to the sale of rare and high MS grade Morgan and Peace Silver Dollars. All coins are graded by ICG, PCGS, NGC, or Anacs, and are priced well below PCGS values.
Re: Mark's question... Conder101 answered it, and again... it's even worse.
eBay allows a seller (or someone who's hijacked a seller's account) to do just that AND have the Paypal payment go to an account NOT belonging to the hijacked eBay seller.
Even worse than that... there is no way (as far as I can remember) that the hapless bidder has any inkling that he's sending it elsewhere until AFTER he receives a payment confirmation. And then only if he is suspicious and enterprising enough to figure out that it didn't. Ebay and Paypal don't provide any direct way to find out it went to the wrong place even after the fact.
It's a combination of things that adds up to GROSS negligence on eBay and Paypal's part if you ask me. And a HUGE opportunity for a scammer.
The only question for the scammer is then how to cash out the Paypal funds.
In my case, I think the Paypal recipient (call her Grandma) was not directly the thief, but was also a victim of a hijacked account.
Presumably the thief planned to use that Grandma's Paypal account to forward the cash on to a confederate (maybe out of country), or use it to buy easily fenced goods (coins, to be on topic
The theif could also Grandma's account to buy instantly-deliverable online goods for their own benefit (like downloadable software licenses or video porn), or perhaps exchange it for hard cash by scamming yet a fourth party (I'll paypal you $100 if you give me $75 cash), or any of a number of other things.
Or... given the apparent lackadaisical attitude by eBay/Paypal, maybe they could just withdraw it to their own bank account in their own name. Nobody is likely to follow up with it anyway. Grr.
Ebay hides behind this "all we do is help sellers/buyers get in touch". Baloney!
Your story summarizes one of the reasons I stop buying high stuff on ebay 2 years ago. Now all I buy are items costing less than $50
Along those lines, DON'T USE THE SAME PASSWORD for your eBay account as any other accounts. Once the thief has your eBay account, he obviously knows your e-mail address. And if the password is the same, he can intercept your e-mail, which can cause all kinds of problems.
Luckily for my legit seller, he had a different password for his Paypal account, or the thief would have that too. And from there, you can make some intelligent guesses as to a person's online bank account. And from there... it really gets ugly.
A site dedicated to the sale of rare and high MS grade Morgan and Peace Silver Dollars. All coins are graded by ICG, PCGS, NGC, or Anacs, and are priced well below PCGS values.
Yeah, it's baloney, especially now that they own Paypal. They are taking a cut from the auction, and a cut from the payment. I think some minimal security precautions to protect their customers isn't too much to ask.
Here are some off the top of my head:
- Provide a FRAUD HOTLINE phone number, where a caseworker will be assigned who can coordinate between eBay and Paypal, rather than the victim bouncing back and forth and dealing via e-mail with a different person each time. This is so basic it's ridiculous that I should have to list it.
- Provide MEANINGFUL fraud protection, not the pathetically low amounts now (low enough that you aren't likely to waste your time collecting, which is I'm sure what they are counting on). If you're going to allow auctions by flakey unverified sellers for $1000, then share some of the risk and provide protection up to that amount.
- Verify that a user is who he says when they sign up. For starts, how about, oh, I dunno... CALL their damn phone number! And physically mail a new user a PIN number to verify their mailing address (and every time their mailing address is changed) before being that user to sell anything.
- Contact a user in the case of unusual activity. If a someone who has been doing nothing but buying ceramic figurines for 5 years suddenly lists three pieces of equipment for sale for $1000 each, then get a clue. Very basic fraud screening software would go a long way towards weeding this stuff out. If I -- as an uninvolved bystander -- can save three buyers from being defrauded $1000 each, shouldn't eBay be able to??
- Force eBay sellers or Paypal recipients to provide their full contact information to prospective bidders before bidding (name, address, and phone number), or at a minimum indicate that the seller is not willing to do so, so that bidders can avoid those sellers if desired.
- Don't allow Paypal payments for an auction to go anywhere but to the e-mail address registered with the eBay seller. (DUHHHHH....)
- Provide a "certified e-mail" service for dispute resolution. If you have a problem with a transaction and want to make sure the other party doesn't ignore you, you can send a message via the eBay web site (like Private Messages on this site) and you have a record that they have received it (eBay would force you to read your mail or stop using the site). This also provides a he-said/she-said record of messages with time stamps.
None of what I've listed is rocket science. All of it would be easily implemented with the amount of money eBay and Paypal bring in. And all would be beneficial to the long-term health of their business.
Unfortunately I think eBay/Paypal suffers from a major lack of serious competition and short-sightedness. So I doubt any of this will happen as long as new customers are increasing faster than old customers get burned and leave. Or perhaps until a major lawsuit. Hey, Adrian....
I sure wish they would take some of your advice. Perhaps we can put those suggestions into a nice business letter format then pass it around asking people to e-mail and snail mail it to eBay? Maybe we can also send it to some newspapers at the same time?
<< <i>Wow, just realized that first post was obscenely long, sorry >>
No, It was perfect..
Tad, quite an exercise. Glad you worked around it. I know how they cash out, and it's an even sweeter double sting. I got an email from a russian address that said they saw I used ebay and paypal. They said they received large amounts of american paypal cash payments for adult site access, and that they needed a partner in the US to receive paypal deposits. Once a week the partner would withdraw the cash and make a Western Union payment to the russian partner. The US partner keeps 30% + fees. I figured it was a chargeback scheme, and once the money was transferred from the stolen accounts and the money sent, the US partner would get hammered. The sender said it could evolve into several payments per week and I could work as much as I liked. The beauty of that deal is you know the goober that got caught wouldn't report the porno money he thought he was laundering. It only takes one goober.
and it sets us apart from practitioners and consultants. Gregor
<< <i>So if my Paypal payment hadn't been refunded, I would have denied the charge with my credit card issuer and let them squawk. Paypal would try to recover the money from my checking account only to find that I don't keep any in there. At which point they'd probably cancel my Paypal account, but at least I'd have my money, and frankly I'm not sure I care to support them until they fix some of their security issues. >>
What would have happened is then PayPal would have to get their money back from the seller. They would try to tip into HIS bank account, not yours. If you do a chargeback, they can't touch your bank account--they go after the seller's bank. VERY good advice about always using a credit card--that's saved me a couple thousand dollars in the past when I've been scammed.
ohbaby: Several states have filed suit against PayPal. New York's Attorney General, Elliot Spitzer, fined them $150,000 for "misrepresenting" themselves in their EULA, First USA Bank has sued PayPal for copyright infringement, a U.S. District Judge in California struck down the forced arbitration passage in PayPal's EULA, in 2002 Louisiana forbade PayPal to do business with residents of that state, California, Idaho, Louisiana, and New York are all investigating whether PayPal operates an unlicensed bank...
So yes, there are MANY problems with PayPal and several states HAVE filed suit or banned the use of PayPal within their state.
<< <i>The only question for the scammer is then how to cash out the Paypal funds >>
This is obscenely easy. Never pay an unverified seller because the unverified guy signs up with a fake name, gets the money, then pays an eBay seller, gets the item, then sells the item and has the new buyer send the money to their main (verified) PayPal account, then when you don't get what you paid for and do a chargeback, PayPal can't recover your money.
DHeath, that's the kind of cashout scheme I was thinking of... that one is particularly ingenious with the embarrassment factor thrown in if it falls apart.
And the crook gets to pick up cold hard cash at Western Union rather than leaving an electronic trail to a bank account. I don't think you necessarily even need an ID to pick up the cash, I think it can be done with a code word(?). Or of course a fake ID. So lacking international cooperation to put a sting on the Western Union branch... only the US mule would get busted.
Man, I sure wish these scammers would apply their ingenuity to more productive things.
And if you (as a merchant) don't like it, tough. Unless you never want to be able to accept credit cards again. Ever.
But with Paypal, if you agreed not to do chargebacks, and that holds up legally, then I dunno what happens.
However, from a practical standpoint, I suspect your credit card company is going to take your side, because (1) they want to keep you as a customer, (2) they'd rather not try to collect from someone who got ripped off and may decide not to pay on principle, and (3) it doesn't cost them anything, because they can just grab the money from Paypal and let it be their problem.
Now that Paypal is owned by eBay, if you get ripped off using Paypal on eBay I think Paypal has even less of a defensible case to get a chargeback reversed. Particularly if you can show how (as in my case) eBay was a major enabler to the fraud.
One other way to keep them from drafting from your bank account (if a buyer does a fraudulent chargeback), is instruct your bank that no funds are to be removed by PayPal unless you give them written authorization. Just follow Supercoin's advise and you should be safe 99% of the time
(There IS plenty in there about sellers agreeing that they are liable for a chargeback. See section 5.1 on the page above, and the link it refers to. Basically it says Paypal gets to put the screws to the seller, essentially the same risk taken by merchants who accept credit cards directly.)
So from what I can tell, as a buyer... if you fund your payment with a credit card, you should be pretty well protected. I would still very much recommend a separate small-balance bank account linked to Paypal, just in case Paypal gets frisky, and/or it's YOUR Paypal account that gets hacked. You don't want a thief making Paypal payments to his buddies from your main bank account.
Even if you are protected, I think your risk of being involved in fraud is significantly higher with Paypal. And, frankly, it's kind of creepy to be in that close of contact with someone who is actively trying to steal a pile of your money, even if you ultimately get your money back.
In contrast, when you buy from a merchant who accepts credit cards, you know they passed an extensive application process. You know you they are a real entity somewhere, with an address and phone number that someone actually verified. And you know the money is actually going to them, not to someone who has hijacked their account by guessing or scamming a simple password.
Ebay at your risk. What I have found out in my many years with Ebay and being a fraud victim is that it is better to pay a premium and buy a product from a brick and mortar shop and have peace of mind than to be defrauded on Ebay which is very common and the lack of any useful response from Ebay and their cronies.
You have to realise that Ebay is just a venue for trade, they do not conduct auctions. This is according to their own legal definition of ebay. They have covered their ass very well. So once again, Ebay at your risk.