Les Brock Posted November 21, 2011 Share Posted November 21, 2011 Hi Guys, Do you think its safe.... Well I did until Friday, when I was hacked...(might not be the right word) Firstly before you say it - I do not give out my password to anybody,and its miles away from anything I use elsewhere So Friday afternoon I get a text saying "thank you for joining Blackberry App world" email pop up on my Iphone....Eh I thinks 2 mins or so later the phone goes mad, thank you for purchasing x App............26 times in less than 5 mins and i''m trying to work out whats going on Check the my online banking, nothing from there, check credit card on line nothing there... another 5/6 emails thank you for purchasing xxx........fuff right where is it coming from, check Paypal, sure enough there all showing up here in Canadian Dollars , then how the fupp to stop it, the answer was I bluddy well could'nt as there were pending transactions, By now I was having a major serious sense of humour failure ! So by now I'm in panic mode, my Paypal account was linked to my bank account for sellers fees etc, so managed to delete the link to the bank account, to stop that. onto bank to cancel all my cards I know they are not linked in anyway but now I'm taking no chances... Another few "thank you emails later" and it stopped for now...... So then change all the passwords etc..... and then file a claim for every single one of them individualy, So how did it get hacked, I have no idea whatsoever but I did All I know was they opened an account with Blackberry App world with my email address, which was opened without asking for a confirmation of the email address, my Paypal account has the same email and they started paying with Paypal...any Ideas ????????? Edit had this email... You've signed up for pre-approved payments plan to Research In Motion with PayPal. To view the details, log in on the PayPal homepage, go to your Profile, and click Pre-approved Payments. Then find the Details page for Research In Motion:PA-0X276804N7399xxxx. Yours sincerely, PayPal Upon investigation this had been set with a pre appproved limit of wait for it ....................$2.000.00 So If you use Paypal, it may be worth a look. Waiting to see what the final damage is, and I've registered for SMS security, if I want to make a payment PP send me a text message with a unique security number to my phone. This lasts for a minute and if it is not entered no payment is made. Regards Les Quote Link to comment Share on other sites More sharing options...
Bowie69 Posted November 21, 2011 Share Posted November 21, 2011 Cheers Les, Now double-locked my accounts with SMS as well... Quote Link to comment Share on other sites More sharing options...
landroversforever Posted November 21, 2011 Share Posted November 21, 2011 Thanks Les, just checking my account now Quote Link to comment Share on other sites More sharing options...
landroversforever Posted November 21, 2011 Share Posted November 21, 2011 Where do I set the SMS thingy? probably completely obvious going by my track record today! Quote Link to comment Share on other sites More sharing options...
MONKEYCOPPER Posted November 21, 2011 Share Posted November 21, 2011 i had my hotmail hacked 2 months ago, all it did was send app requests to all on my address list. bloody annoying but thankfully no other probs apart from people asking me why i was sending requests to play battleships !!!! Quote Link to comment Share on other sites More sharing options...
Bowie69 Posted November 21, 2011 Share Posted November 21, 2011 Ross, use the search facility, like everybody else Quote Link to comment Share on other sites More sharing options...
landroversforever Posted November 21, 2011 Share Posted November 21, 2011 I did find it eventually, but not through using the search... that didnt return anything of use! Quote Link to comment Share on other sites More sharing options...
Bowie69 Posted November 21, 2011 Share Posted November 21, 2011 I just searched 'sms' and it found 4 links which were all releveant... Quote Link to comment Share on other sites More sharing options...
landroversforever Posted November 21, 2011 Share Posted November 21, 2011 SMS produced no search results at all for me! and SMS security only one about not getting the messages through! Strange... Quote Link to comment Share on other sites More sharing options...
SPendrey Posted November 21, 2011 Share Posted November 21, 2011 SMS produced no search results at all for me! and SMS security only one about not getting the messages through! Strange... Don't worry Ross, the search tool accuracy is determined by your username and password... give me both of those, and I'll test it for you Quote Link to comment Share on other sites More sharing options...
landroversforever Posted November 21, 2011 Share Posted November 21, 2011 Thats great Scott! How much will it cost me? Quote Link to comment Share on other sites More sharing options...
Night Train Posted November 21, 2011 Share Posted November 21, 2011 Just double locked my account too. Thanks for the heads up. Quote Link to comment Share on other sites More sharing options...
SORNagain Posted November 21, 2011 Share Posted November 21, 2011 Read this thread this morning, didn't think anything of it but - just this second - received a mail purporting to be from paypal saying I have just sent skype a top up to the tune of £85. Clicking on the refund link gave me a paypal page to confirm my details BUT CLEARLY NOT a paypal URL!!! A quick bit of googling shows this to be a fairly common phishing scam. Gmail generally filters out most of the spam by default, so when one does get through I never know whether to believe it..... Not quite the same as your experience Les, but thought I would post it anyway. Thanks for the warning otherwise I might have become another victim. Hope you get is sorted out OK. Quote Link to comment Share on other sites More sharing options...
disco_al Posted November 21, 2011 Share Posted November 21, 2011 here you go https://www.paypal-marketing.co.uk/safetyadvice/SecurityKey.htm Quote Link to comment Share on other sites More sharing options...
discomikey Posted November 21, 2011 Share Posted November 21, 2011 cheers, just checking now. Quote Link to comment Share on other sites More sharing options...
reb78 Posted November 21, 2011 Share Posted November 21, 2011 Clicking on the refund link Its not a link to paypal - look at the address that appears when you hover over it. They make the text look like a paypal address, but it takes you somewhere else. I got one too - i just delete them - never ever click on a link on an email like that! Quote Link to comment Share on other sites More sharing options...
Les Brock Posted November 21, 2011 Author Share Posted November 21, 2011 Nope never click on one of those in your email, I only ever log into ebay from typing it in myself into a bar and sheck its secure and the right link the and only use it for Ebay as you do. So still not sure how it got set up once bitten and all..... Quote Link to comment Share on other sites More sharing options...
CwazyWabbit Posted November 21, 2011 Share Posted November 21, 2011 Just a thought.... If we assume the 'evil person' has your paypal credentials thus allowing them to spend all your money by purchasing apps, why wouldn't they just be able to log into paypal to turn the extra security off? Quote Link to comment Share on other sites More sharing options...
FridgeFreezer Posted November 21, 2011 Share Posted November 21, 2011 TBH this is unlikely to be a problem with PayPal - more likely a problem with someone stealing your PP details, someone's website/shop being insecure, you failing to log out of something on a shared PC, doing shopping over a wireless network, walking round with the blackberry broadcasting bluetooth/wifi or connecting to any random hotspot it can see, etc. etc. etc. Pretty much all of the biggest "hacks" ever have been down to social engineering - confidence tricks, spoof e-mails/websites, etc. and not the technology. Quote Link to comment Share on other sites More sharing options...
Les Brock Posted November 21, 2011 Author Share Posted November 21, 2011 Before the double lock they could, but now unless you put in the number that is sent to your phone, which expires very quickly, they cant get in to your account to turn the addtional security off. Closing the stable door after the horse has bolted in my case, but hopefully this will make sure your covered ! Quote Link to comment Share on other sites More sharing options...
CwazyWabbit Posted November 21, 2011 Share Posted November 21, 2011 Ah, ok that makes sense now. Quote Link to comment Share on other sites More sharing options...
Les Brock Posted November 21, 2011 Author Share Posted November 21, 2011 Hi Fridge, Well I dont have a blackberry lol I'm the only one that uses my PC at work, I dont use wireless on my Iphone...so dont really know why I've got one "usually" very carefull, not in this case obviously Quote Link to comment Share on other sites More sharing options...
simonr Posted November 21, 2011 Share Posted November 21, 2011 I've had so many 'issues' with PayPal recently that I've had to remove it as a payment option on X-Eng! The issues are generally chargebacks where someone has presumably bought something and had it shipped to the PayPal address they have entered - then the real owner of the account cancels the transaction. Paypal simply refund it and charge me - saying it's up to me to determine if the transaction is fraudulent. They do have a 'seller protection scheme' but the address you send to must be previously verified by PayPal and even if it is, they do not accept proof of delivery from any courier, other than the one they use if you book the shipping through PayPal. At the time a transaction is completed, there is no indication that the order has come from a verified address - you have to log in to your account and look at the buyers details to find out. That's fine - but it takes a lot of time. It wouldn't be hard from a programming point of view to tick a box for 'only accept transactions from verified addresses' kind of thing. I tried it for a week, contacting everyone who fell outside this, but it wasted hours with people arguing with me about it. I think PayPal do not want to look like the evil party - and want to pass the argument on to the seller. If this happens to you as a seller, you have no right of appeal - they just say "too bad!" I really wish there was a viable alternative to PayPal. Si Quote Link to comment Share on other sites More sharing options...
sean f Posted November 21, 2011 Share Posted November 21, 2011 I've had so many 'issues' with PayPal recently that I've had to remove it as a payment option on X-Eng! The issues are generally chargebacks where someone has presumably bought something and had it shipped to the PayPal address they have entered - then the real owner of the account cancels the transaction. Paypal simply refund it and charge me - saying it's up to me to determine if the transaction is fraudulent. Surely if you have sent to an address and have proof of delivery so you can prove it arrived if the "real owner" then claims it is fraudulant then it is a faily clear case of fraud against you. This is a police matter and with name (probable fake) and an address it should be to hard to track the culprit down. Multiple reports going to the same address should lead to an investigation, knock on the door and see who answers, a cross check against delivery signatures should result in someone having to answer a lot of difficult questions. Quote Link to comment Share on other sites More sharing options...
Mutz Posted November 21, 2011 Share Posted November 21, 2011 Sorry to hear about your hassle Les, Thank you for the heads up only use paypal so have now used the above link and its now locked. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.