It's not very often that you find yourself viewing a website that is outright malicious in its content. Most times, malicious sites or ones that have clever phishing techniques are masked in some way to hide their true identity. Seldom do we find a site that screams "malicious," which is why a site like eBay has been the recent brunt of attacks carried out through user-created eBay stores to peddle malware and launch phishing sites.
While the task of creating an eBay store is simple, attackers must initiate the spread of their malicious store's links. When such a store is loaded into a web browser, the user is redirected to a page that later displays popup messages through the phishing site asking for user information. The information asked is usually your eBay login, which may be sent to the cybercrooks to later log into your eBay account and perform endless actions that may end up costing you money or risks identity theft.
As we know with phishing sites, they can be aggressive in their actions and eventually are successful in obtaining personal data from unsuspecting users. The case of eBay's vulnerability, the attack may be two-fold where it attempts to collect personal information and eventually installs a malicious application on your PC or smartphone device.