eBay

Appreciate the reply, but not sure what it means exactly.

I would have thought, with past reports from some users that their antivirus was flagging it, that eBay would have a dedicated explainer page somewhere by now.

Should I just avoid ever clicking that "see full item description" link?  And what's the risk if I already did?

https://community.ebay.com/t5/Replacing-Active-Content/bd-p/activecontent

Thanks!

So it sounds, from the first post in that list, near the end of it, that it has to do with unsecure (non-https) content being in the user's description, which newer browsers don't allow on eBay's otherwise-https item pages:

"... eBay's solution (to prevent the new browsers from blocking display of the description) will be to open the description in a separate window, the way it currently handles mobile viewing. Descriptions with secure content, on the other hand, would continue to display within the main page."

Strange that I just started seeing that today, but it sounds like not a malware issue, even if unsecure (unencrypted).  It sounds like the phishing attempts were in the past, someone had hacked the ebaydesc.com site, and that was unrelated to this current issue of the workarounds for new browsers?

Thanks much, that helps.  I still think this is important enough and common enough that eBay should have an info page (outside this forum) that describes all aspects of it in full in their own words, so there's no need for users to try to fill each other in by pointing to other posts.

What you say is true: someone could now fake the "see full description" link, and have it take you to a malware site instead.  So I guess it's safest to check where those are going first before clicking.  Which now makes me wonder too if eBay runs all links through malware-detection software before they're allowed to go "live" on the site.

---

@cheerindigo wrote:

What you say is true: someone could now fake the "see full description" link, and have it take you to a malware site instead.  So I guess it's safest to check where those are going first before clicking.  Which now makes me wonder too if eBay runs all links through malware-detection software before they're allowed to go "live" on the site.

---

1) You can pay attention to where the "see full description" link is located in the listing. It will always be in eBay's "box", never in the actual description area.  If you ever see that button in the wrong place, it will be fake.  Note the outlined box around the button in my test listing, as that is where eBay's button belongs:

https://www.ebay.com/itm/This-is-a-test-please-do-not-bid/380647614391

2) eBay does not follow every link for malware.  Instead, eBay has a "links" policy forbidding offsite links except to specifically allowed (white-listed) domains for videos and freight.

https://www.ebay.com/help/Policy/-/Links_policy?id=4248

eBay is currently filtering listing links for whether they point to an eBay domain, a whitelist domain, or to an unauthorized destination.

Sellers whose listings still contain the unauthorized "weblinks" are sent regular notices to remove the links and eBay will eventually block those listings from renewing. Additionally, eBay has indicated that such pages will be demoted in search or may not appear at all until the links are removed.

I don't know what timeline eBay has for actually blocking listings with "weblinks" as they are currently in the notification period that allows sellers time to clean up their pages. When eBay rolls out full enforcement, we should see an end to most of the fraudulent links.

ShipScript has been an eBay Community volunteer since 2003, specializing in HTML, CSS, Scripts, Photos, Active Content, Technical Solutions, and online Seller Tools.

---