OpenDNS Blocks Ebay.co.uk as Phishing Site

Internet users resolving DNS requests through the OpenDNS were not able to access pages on the Ebay UK website yesterday. The problem was caused by a bogus entry in the phishing filter used by the service.

The reports started flowing in around last night, when many users trying to access any page starting with http://cgi.ebay.co.uk received a "Phishing Site Blocked" error. "Phishing is a fraudulent attempt to get you to provide personal information under false pretenses. We prevented you from loading this page as part of our safer, faster, and smarter DNS service. […] Powered by OpenDNS," the message read.

The problem lasted for about one hour, during which time some users expressed their frustration at not being able to bid on the products they wanted. Some people have figured out on their own how to add exceptions to the site blocking feature or disable the phishing filter entirely.

But even if the step by step solution, which required a registered account, was posted in the support forums, there were users who pointed out that they never heard of OpenDNS before this incident and did not sign up willingly for their service.

Daniel Gifford, the community manager of OpenDNS, eventually announced that they "removed what appeared to be a questionable sub-domain of ebay.co.uk from [their] database that was mistaken as an ebay phishing site" and apologized for the situation. He explained that "While we take measures to ensure that all sites are indeed valid phishes this one somehow fell through the cracks. We have removed it from our database and added it to our global whitelist to prevent it from happening in the future."

The DNS or domain name system is one of the backbones of the Internet, which is used to associate host names into numerical IP addresses. OpenDNS operates fast and offers reliable DNS servers available for free to anyone. In addition, the service delivers some additional features such as phishing site filtering through PhishTank, one of the most up-to-date lists of phishing sites, or personally defined URL shortcuts.