ATO Reactive Training 1st Level Jasmin Kazi 10.08.
-
Upload
naomi-bailey -
Category
Documents
-
view
218 -
download
0
Transcript of ATO Reactive Training 1st Level Jasmin Kazi 10.08.
![Page 1: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/1.jpg)
ATO Reactive Training 1st Level
Jasmin Kazi 10.08
![Page 2: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/2.jpg)
eBay Inc. confidential2
Agenda
• ATO Definition
• How ATO happens
• Levels of ATO
• Action taken by eBay
• ATO Suspension
• Other tracking issues
![Page 3: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/3.jpg)
eBay Inc. confidential3
How Takeovers happen?
• Spoof/Phishing
• Password not secure
• Compromised email
• Virus, Trojans, Keystroke-Loggers
![Page 4: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/4.jpg)
eBay Inc. confidential4
SPOOF / PHISHING
![Page 5: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/5.jpg)
eBay Inc. confidential5
Spoof example 6 / Account Takeover
![Page 6: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/6.jpg)
eBay Inc. confidential6
Spoof example 6 / Account Takeover
![Page 7: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/7.jpg)
eBay Inc. confidential7
Password Security
![Page 8: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/8.jpg)
eBay Inc. confidential8
Compromised Email
Once the email address is compromised the acker can:
• Change eBay password
• Forward the emails received to a non authorized person.
• Send emails from this address to offer inexistent items.
![Page 9: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/9.jpg)
eBay Inc. confidential9
Viruses, Trojans, Keystroke-Loggers
To avoid virusestrojans or keystroke loggers
• Use an Anti-Virus
• Update the anti virus
• Use a firewall
• Scan your PC often.
![Page 10: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/10.jpg)
eBay Inc. confidential10
Tools
Suspect IP Suspicious activities Suspicious profile
ToolInvestigation
LVIS
SHATO
Listing violation inspection System
SH/ATO Referral Form
![Page 11: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/11.jpg)
eBay Inc. confidential11
…..any questions??????
![Page 12: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/12.jpg)
eBay Inc. confidential12
The ATO Types
![Page 13: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/13.jpg)
eBay Inc. confidential13
The ATO levels
1.Compromised Accounts
2.No Activity ATO
3.Bidding ATO
4.Selling ATO
5.Spam ATO
![Page 14: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/14.jpg)
eBay Inc. confidential14
Compromised Accounts
An account si compromised when 3rd party was able to access the account but nothing has been changed.
This can be detected by our system through the IP address.
Action taken by eBay:
Randomize PW email to user to reset the PW
Macnote: restore no contact
Issue 1 dropped automatically
![Page 15: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/15.jpg)
eBay Inc. confidential15
ATO no activity / inactif
ATO no activity happens when 3rd party access to the account and changes some account details (i.e. PW, email address etc)
Action taken by eBay:
Randomize PW + restore old details
Self remedy issue 34 open by ATO: email sent with the steps to follow by user in order to proceed with verification (PIN code)
Issue block activity until the verification is done: issue closed automatically
![Page 16: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/16.jpg)
eBay Inc. confidential16
ISSUE 34 (Self remedy)
![Page 17: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/17.jpg)
eBay Inc. confidential17
ATO Selling
A third party hacked the account in order to list items (inexistent) and get the money
Action taken by eBay:
Randomize PW + restore old details
Remove listings/FB/ credit fees etc
Issue 12: email sent requesting identity verification. In this case member needs to contact CS.
For EEC: POI/POA
Issue block activity until the verification is done: issue closed by CS
![Page 18: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/18.jpg)
eBay Inc. confidential18
ATO Bidding/ Buying
A third party hacked the account in order to buy items (with fraudulent payment methods)
Action taken by eBay:
Randomize PW + restore old details
Remove bids/remove upi strikes etc
Issue 12: email sent requesting identity verification. In this case member needs to contact CS.
For EEC: POI/POA
Issue block activity until the verification is done: issue closed by CS
![Page 19: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/19.jpg)
eBay Inc. confidential19
ATO Spam
A third party hacked the account in order to send some spam emails
Action taken by eBay:
Randomize PW + restore old details
Issue 12 open by ATO: email sent requesting identity verification. In this case member needs to contact CS.
For EEC: POI/POA
Issue block activity until the verification is done: issue closed by CS
![Page 20: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/20.jpg)
eBay Inc. confidential20
ISSUE 12
![Page 21: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/21.jpg)
eBay Inc. confidential21
…..any questions??????
![Page 22: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/22.jpg)
eBay Inc. confidential22
Dormant Account: issue 56 / ATO suspension
• In order to protect dormant accounts from being victim of ATO, the system detects that no activity for +12 moths
• An issue 56 will be automatcally dropped for tracking purposes and then the account might be suspended for ATO
• Member receives an email to explain how to get access to the account again: POI/POA
![Page 23: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/23.jpg)
eBay Inc. confidential23
Other Issues
Issue for tracking purposes only:Issue for tracking purposes only:
•Issue 21: flags IP address from RomaniaIssue 21: flags IP address from Romania
•Issue 22: suspicious sign in (different countries)Issue 22: suspicious sign in (different countries)
![Page 24: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/24.jpg)
eBay Inc. confidential24
ISSUE 21
![Page 25: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/25.jpg)
eBay Inc. confidential25
…..any questions??????
![Page 26: ATO Reactive Training 1st Level Jasmin Kazi 10.08.](https://reader030.fdocuments.in/reader030/viewer/2022033106/56649f3e5503460f94c5ecb2/html5/thumbnails/26.jpg)
eBay Inc. confidential26
When users will contact us?
ATO situations
I think someone uses my account….
Items have been sold on my account but it was not me……
I‘ve never bid on this item…..
Can‘t access to my account……
Action we need to take:
Verify selling/buying activity (type of items, when happens)
Less 30 days: open a SHATO Report
More 30 days: reassign case to C.M.