Jump to content

Paypal..Warning

Les Brock

By Les Brock
in International Forum

 Share

Recommended Posts

Les Brock

Les Brock

Posted
Posted

Hi Guys,

Do you think its safe....

Well I did until Friday, when I was hacked...(might not be the right word)

Firstly before you say it - I do not give out my password to anybody,and its miles away from anything I use elsewhere

So Friday afternoon I get a text saying "thank you for joining Blackberry App world" email pop up on my Iphone....Eh I thinks icon_scratch.png

2 mins or so later the phone goes mad, thank you for purchasing x App............26 times in less than 5 mins and i''m trying to work out whats going on

Check the my online banking, nothing from there, check credit card on line nothing there...

another 5/6 emails thank you for purchasing xxx........fuff

right where is it coming from, check Paypal, sure enough there all showing up here in Canadian Dollars , then how the fupp to stop it, the answer was I bluddy well could'nt as there were pending transactions, By now I was having a major serious sense of humour failure !

So by now I'm in panic mode, my Paypal account was linked to my bank account for sellers fees etc, so managed to delete the link to the bank account, to stop that. onto bank to cancel all my cards I know they are not linked in anyway but now I'm taking no chances...

Another few "thank you emails later" and it stopped for now......

So then change all the passwords etc.....

and then file a claim for every single one of them individualy,

So how did it get hacked, I have no idea whatsoever but I did icon_eek.gif

All I know was they opened an account with Blackberry App world with my email address, which was opened without asking for a confirmation of the email address, my Paypal account has the same email and they started paying with Paypal...any Ideas ?????????

Edit had this email...

You've signed up for pre-approved payments plan to Research In Motion with PayPal.

To view the details, log in on the PayPal homepage, go to your Profile, and click Pre-approved Payments. Then find the Details page for Research In Motion:PA-0X276804N7399xxxx.

Yours sincerely,

PayPal

Upon investigation this had been set with a pre appproved limit of wait for it ....................$2.000.00 affraid.gif

So If you use Paypal, it may be worth a look.

Waiting to see what the final damage is,

and I've registered for SMS security, if I want to make a payment PP send me a text message with a unique security number to my phone. This lasts for a minute and if it is not entered no payment is made.

Regards

Les

Link to comment
Share on other sites
SPendrey

SPendrey

Posted
Posted

SMS produced no search results at all for me! and SMS security only one about not getting the messages through! Strange...

Don't worry Ross, the search tool accuracy is determined by your username and password... give me both of those, and I'll test it for you :P

Link to comment
Share on other sites
SORNagain

SORNagain

Posted
Posted

Read this thread this morning, didn't think anything of it but - just this second - received a mail purporting to be from paypal saying I have just sent skype a top up to the tune of £85. Clicking on the refund link gave me a paypal page to confirm my details BUT CLEARLY NOT a paypal URL!!! A quick bit of googling shows this to be a fairly common phishing scam. Gmail generally filters out most of the spam by default, so when one does get through I never know whether to believe it.....

Not quite the same as your experience Les, but thought I would post it anyway. Thanks for the warning otherwise I might have become another victim. Hope you get is sorted out OK.

Link to comment
Share on other sites
reb78

reb78

Posted
Posted

Clicking on the refund link

Its not a link to paypal - look at the address that appears when you hover over it. They make the text look like a paypal address, but it takes you somewhere else.

I got one too - i just delete them - never ever click on a link on an email like that!

Link to comment
Share on other sites
Les Brock

Les Brock

Posted
  • Author
Posted

Nope never click on one of those in your email,

I only ever log into ebay from typing it in myself into a bar and sheck its secure and the right link the and only use it for Ebay as you do.

So still not sure how it got set up

once bitten and all..... :blush:

Link to comment
Share on other sites
FridgeFreezer

FridgeFreezer

Posted
Posted

TBH this is unlikely to be a problem with PayPal - more likely a problem with someone stealing your PP details, someone's website/shop being insecure, you failing to log out of something on a shared PC, doing shopping over a wireless network, walking round with the blackberry broadcasting bluetooth/wifi or connecting to any random hotspot it can see, etc. etc. etc.

Pretty much all of the biggest "hacks" ever have been down to social engineering - confidence tricks, spoof e-mails/websites, etc. and not the technology.

Link to comment
Share on other sites
Les Brock

Les Brock

Posted
  • Author
Posted

Before the double lock they could,

but now unless you put in the number that is sent to your phone, which expires very quickly, they cant get in to your account to turn the addtional security off.

Closing the stable door after the horse has bolted in my case, but hopefully this will make sure your covered !

Link to comment
Share on other sites
simonr

simonr

Posted
Posted

I've had so many 'issues' with PayPal recently that I've had to remove it as a payment option on X-Eng!

The issues are generally chargebacks where someone has presumably bought something and had it shipped to the PayPal address they have entered - then the real owner of the account cancels the transaction. Paypal simply refund it and charge me - saying it's up to me to determine if the transaction is fraudulent.

They do have a 'seller protection scheme' but the address you send to must be previously verified by PayPal and even if it is, they do not accept proof of delivery from any courier, other than the one they use if you book the shipping through PayPal. At the time a transaction is completed, there is no indication that the order has come from a verified address - you have to log in to your account and look at the buyers details to find out. That's fine - but it takes a lot of time. It wouldn't be hard from a programming point of view to tick a box for 'only accept transactions from verified addresses' kind of thing. I tried it for a week, contacting everyone who fell outside this, but it wasted hours with people arguing with me about it. I think PayPal do not want to look like the evil party - and want to pass the argument on to the seller.

If this happens to you as a seller, you have no right of appeal - they just say "too bad!"

I really wish there was a viable alternative to PayPal.

Si

Link to comment
Share on other sites
sean f

sean f

Posted
Posted

I've had so many 'issues' with PayPal recently that I've had to remove it as a payment option on X-Eng!

The issues are generally chargebacks where someone has presumably bought something and had it shipped to the PayPal address they have entered - then the real owner of the account cancels the transaction. Paypal simply refund it and charge me - saying it's up to me to determine if the transaction is fraudulent.

Surely if you have sent to an address and have proof of delivery so you can prove it arrived if the "real owner" then claims it is fraudulant then it is a faily clear case of fraud against you. This is a police matter and with name (probable fake) and an address it should be to hard to track the culprit down. Multiple reports going to the same address should lead to an investigation, knock on the door and see who answers, a cross check against delivery signatures should result in someone having to answer a lot of difficult questions.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We use cookies to ensure you get the best experience. By using our website you agree to our Cookie Policy

  I accept