开云体育

In this instance, the "clue" (other than the dodgey deal itself) was that the "Daily Deals" fake ebay site was not TLS secured.? It was plain old http:

If you try to go to ebay (.com or .co.uk for example) using http, you will automatically get redirected to the https secured pages.

Doing a traceroute on the daily deals link address, and then trying to reverse DNS the resulting endpoint IP address, also flagged up suspicions.

Any site that isn't using TLS these days, that purports to be ebay is instantly suspicious.??? (Another good reason not to hide details in the URL bar.? Google, are you listening?? Of course they are, but only 'bots.)

As to DNS settings, not sure which Dave the comment was targeted at, but I already use Quad9 and their secondary address (that, without poking at the settings I can't remember) in both my home router and travelling PC.?? Sure, it stops a lot, but stuff like that due to being hosted on Digital Ocean's systems (a valid hosting company) still get through.

Take care.

73.

Dave G0WBX
(Too many "Dave's" on here...)

---

Re: Some suspiciously cheap RF test kit on eBay UK
From: Dave McGuire
Date: Mon, 08 Oct 2018 09:54:08 PDT

...which is an excellent argument in support of "encryption
everywhere". The scumbags will find a way around that (like simply
registering and installing SSL certificates) but the trick is to stay
one step ahead of them.

The point, though, is that there's no way to tell what domains are
"fake". After all, what constitutes "fake" in this context? The
fraudulent listing is a fully legitimate domain name, there is nothing
"fake" about it other than the fact that, as a substring, it includes
the same sequence of characters as that of a well-known web site.

That is actually an extraordinarily difficult problem to solve without
creating lots of false positives.

-Dave

-- 
Created on and sent from a Unix like PC running and using free and open source software.
::