AI Hyper-Personalised Phishing Impersonating eBay
Criminals use AI to craft eBay phishing messages that reference real items a victim is watching or has recently bid on, making fake payment requests or account alerts feel entirely legitimate.
Part of: AI Hyper-Personalised Phishing Scams
Last reviewed: 8 June 2026
eBay's marketplace is dynamic — bids, watchlists, and listings change constantly, and members are accustomed to receiving time-sensitive communications about auctions ending, items selling, or bids being outbid. AI-assisted phishing exploits this by crafting messages that reference real items on a victim's watchlist or recent bid activity, creating urgency that bypasses the usual critical eye.
Attackers can gather eBay watchlist data from prior account compromises, from public listing information associated with known usernames, or from data-broker aggregates. An AI tool then generates a personalised phishing message — 'Your bid on [item name] has been outbid. You have 12 minutes to reclaim your position. Verify your payment method to continue.' — that mirrors the style of genuine eBay notifications.
The payload is typically a fake eBay sign-in or payment-details page, capturing credentials or card numbers from victims who act on what feels like an immediate, relevant auction alert.
How this scam works on the eBay brand
The phishing email or text references an item category the victim genuinely watches — vintage electronics, sports memorabilia, designer clothing — and names a plausible item at a plausible price point. The message is styled identically to eBay's standard outbid or winning-bid email format.
Clicking the link leads to a convincing eBay sign-in page. After credentials are entered, the attacker logs in and places bids on the victim's behalf to drain saved payment methods, changes the account's PayPal or bank link to route any sale proceeds elsewhere, or adds a new shipping address for fraudulent purchases.
Some campaigns use AI to generate convincing buyer-to-seller messages: 'I am very interested in your item. Please confirm your PayPal details to finalise the transaction.' The link leads to a fake PayPal page, not eBay.
Common red flags
- An eBay email references a specific item you are watching but links to a domain that is not ebay.com
- The message creates extreme urgency around an auction end time and asks you to click through to verify payment
- Hovering over any link reveals a non-ebay.com domain despite an eBay display name in the sender field
- A message references item details correctly but the payment or sign-in page URL is not ebay.com or paypal.com
- The email describes auction activity that does not appear in your eBay account when you log in directly
- A buyer or seller message includes a direct link for payment outside of eBay's standard checkout flow
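The link-domain red flags above can be checked mechanically. The following is an added example, not code from eBay or from this page's author: it parses a message body, resolves the host each link really points to, and reports the flags. The trusted-domain list, the https requirement, the urgency pattern and the sample message are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = ("ebay.com", "paypal.com")  # assumption: the only genuine domains
URGENCY = re.compile(r"\d+\s*minutes?|verify your payment|immediately", re.I)

def real_host(url):
    """Host the browser would contact; userinfo such as ebay.com@ is ignored."""
    try:
        return (urlsplit(url).hostname or "").rstrip(".")
    except ValueError:
        return ""

def host_is_trusted(url):
    """True only for https links to a trusted domain or one of its subdomains."""
    host = real_host(url)
    https = url.strip().lower().startswith("https://")  # assumption: http is untrusted
    return https and any(host == d or host.endswith("." + d) for d in TRUSTED)

class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def red_flags(sender_display, html_body):
    """Return the red flags found in one message as a list of strings."""
    collector = LinkCollector()
    collector.feed(html_body)
    bad = [(h, t) for h, t in collector.links if not host_is_trusted(h)]
    flags = [f"link '{t}' points to {real_host(h) or 'an unparseable URL'}" for h, t in bad]
    if bad and "ebay" in sender_display.lower():
        flags.append("eBay display name but a non-eBay link")
    if bad and URGENCY.search(html_body):
        flags.append("urgency wording next to an untrusted link")
    return flags

# Constructed sample message; .example hosts are reserved and not real sites.
SAMPLE = ('<p>Your bid has been outbid. You have 12 minutes to reclaim your position.</p>'
          '<a href="https://signin.ebay.com.account-check.example/ws">Verify payment</a> '
          '<a href="https://www.ebay.com/mye">My eBay</a>')
```

Calling red_flags("eBay", SAMPLE) flags the first link because its host only begins with ebay.com and actually ends in a different domain, while the genuine www.ebay.com link passes.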
How to protect yourself
- Log in directly at ebay.com to check any auction or account alerts — never through email links
- Enable two-factor authentication on your eBay account under Account Settings, Sign In and Security
- Check your eBay Messages inbox at ebay.com/messages — genuine eBay system communications appear there
- Use eBay's Managed Payments exclusively and never process payment outside eBay's platform, regardless of what a buyer or seller requests
- Use a unique password for eBay and a dedicated email address to isolate it from other breach exposure
- Forward suspicious eBay-branded emails to [email protected]
How to report it
- Forward phishing emails to [email protected]
- Report suspicious buyer or seller messages using the Report button within the eBay message thread
- File a complaint with the FTC at reportfraud.ftc.gov
- If credentials or payment details were entered, change your eBay password immediately and contact your bank
Frequently asked questions
How does an attacker know which items I am watching on eBay?
Watchlist data can come from a prior account compromise, from public search patterns associated with a username, or from data broker profiles that include e-commerce activity. Keeping your eBay username private and using a unique account email reduces this exposure.
How do I know if an eBay outbid email is genuine?
Check your eBay account directly by logging in at ebay.com. Genuine outbid notifications also appear in your eBay Messages inbox. A real eBay email never asks for payment card re-verification through a link.
Is paying via PayPal outside eBay safe?
No. Payments processed outside eBay's Managed Payments are not covered by eBay's Money Back Guarantee. Any request to pay via a link sent through messaging rather than eBay checkout is a significant fraud warning sign.