When security expert Bruce Schneier tried to sell a used laptop on eBay, he thought it would be easy. Instead, a sale was aborted twice — first by a scammer using a hacked eBay account and then by a buyer who tried to trick Schneier into sending her the laptop after she cancelled payment.
Schneier, the chief security technology officer at BT, is an authority on cryptography and frequently speaks and writes on security-related issues.
Schneier's first attempt to sell the used Sony Vaio TZ-series on eBay appeared to be successful within hours of its listing, but eBay cancelled the sale saying the winning bid came from a hacked account, he wrote in a blog post.
A second attempt to sell the laptop also appeared to be successful within hours of being listed on eBay. The buyer paid for the laptop using PayPal and requested that Schneier send it to her using FedEx. She then canceled the payment by disputing it with PayPal, apparently hoping that the laptop would be shipped before Schneier found out.
“But PayPal was faster than she expected, I think. At the same time, I received an e-mail from PayPal saying that I might have received a payment that the account holder did not authorize, and that I shouldn't ship the item until the investigation is complete,” Schneier wrote.
The experience left Schneier frustrated and looking for a buyer interested in the used laptop.
“I'm willing to make Attempt 3, if just to see what kind of scam happens this time. But I still want to sell the computer, and I am pissed off at what is essentially a denial-of-service attack,” he wrote.
At the time of writing, an eBay representative could not be reached for comment.