FRIHOST FORUMS SEARCH FAQ TOS BLOGS COMPETITIONS
You are invited to Log in or Register a free Frihost Account!


Paypal Hacked!





devotchka
My PayPal have been hacked and funds taken off.

Please, beware and check your paypal accounts as soon as possible, if you find that you have the same problem open a dispute (investigation of an unauthorized activity claim). The more reports - the more chance we have of having our money back.

Somehow this person is cancelling disputes to slow down the investigations and the cases are getting closed.
I changed my paypal password but they managed to get into my account again
I think they are also getting into our e-mail accounts. The "case closed" message was deleted from my mailbox.

I contacted paypal through their own contact form, opened a dispute without an ID changed each and every password, security questions, deleted credit cards, am paranoid, devasted and waiting for a reply.

Anyway, just a heads up for you folks.
utsav2707
Its a very serious issue buddy.thanks for letting us know.now we have to be more careful
from now onwards
k_s_baskar
Too bad to hear...

Nowadays lot of paypal ids were hacking using spam mails. To avoid hacking your paypal user id and password

1. Don't click and enter into url from mails (Some spam mails will take to different site which will look same as paypal site)

2. Type the url http://www.paypal.com from the browsers address bar (don't use pretypied content)

3. Never reply to emails asking your paypal password.
ozziejim
so much for it being completely secure
I also use this for business and thankfully i have not run into any problems as yet, but from now on i wont be keeping any funds in my account for longer than neccesary (which i often would)

Its a shame that such a well known secure net bank is being hacked, but it is just a bunch of code afterall, and you cant beat the hole in the ground, even if it is primitive. lol

As useful tool as paypal is, it should not be allowed to run if money is being stolen and accounts are being hacked
rvec
i wonder if paypal was hacked. It's far more easier to get into someones mail and get the pass. Also because of this:
Quote:
The "case closed" message was deleted from my mailbox.

That's strange if this guy hacked paypal.
Liu
Paypal has always been sketchy since it started. Primarily the reason why I don't bother with them. There are other ways that are more "secure" than to let a third party organization handle your money.
tijn01
oo my god this is serious shit, I use paypal a lot and always assumed they were a 100% procent safe. Guess not.... are they going to reimburse your funds or is it all lost. Still can't believe it, I buy and sell a lot on Ebay and use paypal for most transactions... what to do now???
Any suggestions are more than welcome

Cheers
ydjluv
yes... only enter your personal info on the paypal site itself... or if you are purchasing something with paypal funds...then purchase from a source that has a reputation... I wouldnt recommend entering your personal info on something that someone is trying to sell you from email... you would only be asking for it.... also there are other ways that hackers can get your login info... so I would recommend using mozilla firefox instead of IE since its alot more secure since it uses its own dll files instead if IEs which are tied in with windows... another thing you might want to consider for security is use different passwords for different things considering if you use the same password and username everywhere there is a good chance they can get into about everything you have.... also check for spyware and things of the sort... check your processes that are running and look for anything unusual... they may have installed a trojan of some sort on your computer that could be logging keystrokes... thats the first thing a hacker does is try different services with the same usernames and passwords they have.... paypal can track everything that takes place on your account so they should be able to get the FBI involved pretty easily since they have logs of activity that takes place on your account and their server... heh... btw I guess you could consider me an old skewl security analyst so trust me on what I tell you... if anyone needs any security help...you can contact me at ydjluv@hotmail.com or just message me here... Laughing
unknownc1c
wow that really sucks, luckily i don't use paypal, i never really trusted it and never really had a point to use it.

You mentioned you changed your password but they still got into it, did you try running scans of your computer? You probably have some spy ware on your computer. I use spy bot, ad-aware, and anti-virus programs to remove all harmful stuff from my laptop. It could be that paypal has been hacked into, but most likely you have some sort of spy ware on your computer. As for the part were it says "case closed" i don't use paypal, but is it possible to close any cases you start? cause if you can this hacker is probably monitoring your computer and closing/cancelling anything you start.

Anyways, i hope things work out in the end for you.
ydjluv
Take a look at this... apparently Paypal is very aware of this problem....

Quote:
EBay's online payments division, PayPal, will pay $169 million for an Israeli security company specializing in detecting online fraud, the companies said Monday. The deal should close within 30 days.

Fraud Sciences, a private company, has developed technology designed to differentiate between real and fraudulent transactions. That technology will be folded into PayPal's antifraud systems, which will be "significantly" improved this year, eBay said.

Fraud Sciences' Chief Operating Officer, Yossi Barak, and founders Shvat Shaked and Saar Wilf will move to PayPal's technology and fraud management teams.

PayPal lets two users exchange money online via e-mail addresses. The ease at which people can transfer money has also made it one of the most highly targeted brands for phishing scams, where fraudulent Web sites mimicking real sites are set up in order to steal people's log-in details.

PayPal has taken other steps to shore up its defenses. Early last year, it began offering a keychain with a one-time numeric passcode that users enter in addition to their log-in and password. The passcode expires after 30-seconds, which greatly reduces a hacker's window of opportunity to get access to someone's account.

PayPal has also pushed for free e-mail providers to block e-mail sent without digital signatures. That would potentially mean fewer scam e-mails would land in people's inboxes, reducing the chance of fraud, although providers have yet to make a unified commitment.

By Jeremy Kirk, IDG News Service, 01/28/08

edit by rvec: please use quote tags and add a source
bloomer
wow thanks for this m8, im gonna watch my account now!
LeatherRose
Oh yeah!! every that is online can and at one point or another will get hacked. there are people out there called "phishers" and the scam you to get your information so they can get into your files.
goutha
Wow this is really terrible...

I hope that you didn't lost a lot of money.

Try not to leave money into your paypal account, and buy with your credit card throw your paypal... That's safer. It's more easy to get your funds back from your credit card company then from paypal... we all know that paypal sucks...
ydjluv
I wouldnt worry about it too much... paypal says that after they transition to the new system... it will be ALOT harder for other people besides the account holder to use the account....
darvit
Nice. And I just had my bank account verified the other day. Surprised
Is there a way to un-verify myself and delete my bank info?
Aless
It was probably a case of using a public computer to access your details, thus leaving yourself vulnerable to attack or perhaps your internet network was hacked. Always make sure you you see the 'secure' logo (the little closed lock) on your browser when doing any financial transactions online. Otherwise, PayPal should be able to resolve any security issues.
gr8inferno
Paypal is one of secure money market today, its fast and easy , to say that its 100% secure it's crazy. Nothing is secure you just have to do your part and watch your account. However, I've had paypal for years and never had any problem. 0-nada .
You mentioned that "case closed" was removed from your email, chances are they hacked your email first. so, I do not hold Paypal responsible. The thing is you do have to avoid using public CPU i.e. Libraries, Cafe, public WiFi etc. if you are dealing with Bank accounts, Paypal or any money Market accounts. Asked your trusted friends/relatives or better yet get your own CPU.

My theory? someone you know and knows you very well is the one who's responsible. ..eh I'm just guessing. don't mind me. I bid you good luck though.
salman_500
its not paypals fault if your e-mail account gets hacked... its not like they hack your e-mail id from your paypal ... why would anyone wana do that?

by the way, have u been through a serious loss ? you seem awfully calm for a person whos moneys just taken away :p
whitehole
devotchka wrote:
My PayPal have been hacked and funds taken off.

Please, beware and check your paypal accounts as soon as possible, if you find that you have the same problem open a dispute (investigation of an unauthorized activity claim). The more reports - the more chance we have of having our money back.

Somehow this person is cancelling disputes to slow down the investigations and the cases are getting closed.
I changed my paypal password but they managed to get into my account again
I think they are also getting into our e-mail accounts. The "case closed" message was deleted from my mailbox.

I contacted paypal through their own contact form, opened a dispute without an ID changed each and every password, security questions, deleted credit cards, am paranoid, devasted and waiting for a reply.

Anyway, just a heads up for you folks.


I've had my pp account hacked twice. Both times they had great customer service and nothing bad in the end. Be dilligent is the best advice I can give. Also, be extra careful with opening emails. That's how they got me anyways. Gl!
waikiki
mine s great....for now Confused
lethaltriad
Hardly use my Paypal account but I just checked it and everything seems to be in order. My password usually consists of upper and lowercase characters along with numbers to make it a little harder for anyone to gain access to.
auditorgeneral
How come could someone easily hacked paypal account? I had been hearing of these from many people about their paypal being hacked but I wonder how that could be easily done if not getting through your private account first. I warned people never to signup for any prgram requsting for their paypal account and password. I rejected an offer sometimes ago where a program was asking me to key in my egold account number and passphrase into their system for me to make some bucks but I turned it down. Please take good care of your account very well
hofodomo01
Guh, gotta watch out for stuff like this. I generally try my best to avoid using public internet connections and the sort...but I guess it can still happen.
ninjakannon
As far as I know PayPal itself is practically 100% secure. I haven't heard of any successful attempts to access their databases and such. Realising this people have almost stopped attempting to 'hack' PayPal and such sites. Instead, as has been mentioned before in this thread, the 'hackers' attempt to infiltrate your computer with trojans, key loggers and the like. They can also hack your email with relative ease, I believe.

Talking of email hacking, ydjluv: you should probably edit your post and remove or change the form your email is in. Otherwise it could be picked up by the wrong people!

Unfortunately, this gives PayPal and similar companies the edge over customers who have had their money stolen as they can in the majority of cases argue that it is the fault of the customer.
friuser
It's true, Many public computers can be infected with a trojan and virus and you should always practice dilligence in accessing your accounts when using such facilities. The best thing you can try to do is use those click on keyboard type style password accesses (not very common) and very annoying. Heck even using public wireless networks can have your information sniffed and than used to access information but it's less likely since most regular sites will just encrypt your login.

So I guess the lesson here is to just use your own computer if at all possible. Best way to accomplish that is to have a pda style phone which allows you to have wireless (like iphone). My paypal has never been hacked because I never visit phish sites and login through public computers.
achowles
Yeah, I have to agree. It sounds more like your email account was hacked.

You might want to change all your passwords for all the sites you're registered with that are of any significance. Sites such as online stores for instance.

Also, you might want to set up a new email account and use that from now on. Just forward all the email from your old account to the new, so you don't miss anything.
tony
WOW! That is scary because I put so much trust into PayPal...

I always feel it is extremely secure. Hmm, All the best wishes to you; I hope it was not a significant loss....

That must be hard, thanks for sharing your trouble too...
misterXY
k_s_baskar wrote:
Too bad to hear...

Nowadays lot of paypal ids were hacking using spam mails. To avoid hacking your paypal user id and password

1. Don't click and enter into url from mails (Some spam mails will take to different site which will look same as paypal site)

2. Type the url http://www.paypal.com from the browsers address bar (don't use pretypied content)

3. Never reply to emails asking your paypal password.

also try not to keep funds in there and use a prepaid card:)
also a very well cleaned pc.
devotchka
salman_500 wrote:
its not paypals fault if your e-mail account gets hacked... its not like they hack your e-mail id from your paypal ... why would anyone wana do that?


Because some little sh*t people are mean?
By the way, how could "they" even know I had a paypal account by hacking my e-mail, how about my password?
"They" got into my e-mail after getting into my pp account and then, even my credit card was used fraudulently.

salman_500 wrote:
by the way, have u been through a serious loss ? you seem awfully calm for a person whos moneys just taken away :p


Each and every loss is a greater loss. What can I do but contact pp and let them know what's going on, pull my hair out and scream?

Also, I am not the only one going through this http://forums.digitalpoint.com/showthread.php?t=667954

I keep asking myself why some people love criticizing other people...Some care about something only when it affects them, anyway...

I have never disclosed my password to anyone, nor have I ever fallen victim to any of the PayPal scams. My computer is free of virus infection, security was never a problem here. Well, thank you all for your support. This too shall pass and justice will be served.



EDIT:

PayPal has verified the unauthorized transfer and stolen funds have been credited back to my account. Pray

I hope the credit card company will do the same now that PayPal have recognized that it was not my fault. I have contemplated torturing the "hacker" in the most violent fashion imaginable but I called the internet crimes police instead.
ninjakannon
devotchka wrote:
By the way, how could "they" even know I had a paypal account by hacking my e-mail, how about my password?
"They" got into my e-mail after getting into my pp account and then, even my credit card was used fraudulently.

You can't tell which they got into first; they may have got into your email but not made any changes. As for knowing that you had a PayPal account, perhaps they didn't! They could have got into your email and then used the 'Forgot your Password?' feature on the PayPal website to send a new password to your email. If no email was sent then they could discard your email, or sell it on to others. If it worked then they could log into your Paypal account and delete the email from your inbox. I'm sure they have other methods, also.
I can't tell you how they got your email address, nor can I explain how they got your password. But the most innocent things on the web can turn out to be far more deadly than you could ever imagine (often without you even realising it).
OH! I've just had a devious thought. There's a 'Forgot Your Email Address?' feature on Paypal too. This allows you to enter some details about yourself to reveal your password. But you could take advantage of this by setting up a form filling macro that ran through a list of people. And they could have bought this list of people. (However, they can't have done this to you as that would only work if you hadn't added a bank account, credit or debit card to your account.)

If I can think of these techniques in a few minutes I'm sure they can come up with far better ones.

devotchka wrote:
I have never disclosed my password to anyone, nor have I ever fallen victim to any of the PayPal scams. My computer is free of virus infection, security was never a problem here. Well, thank you all for your support. This too shall pass and justice will be served.

Like I said, they can be devious. I rarely visit 'dodgy' websites, never even open spam mail or give my password away. I almost always check that I'm not being phished. Yet somehow when I run my virus scanner something is found to be infected; I have no idea where these things come from! It's not common, but I've had it.

devotchka wrote:
EDIT:

PayPal has verified the unauthorized transfer and stolen funds have been credited back to my account. Pray

I hope the credit card company will do the same now that PayPal have recognized that it was not my fault. I have contemplated torturing the "hacker" in the most violent fashion imaginable but I called the internet crimes police instead.

That's awesome! I'm glad they didn't get away with it this time, and so glad you got your money back. And I hope you'll be more careful in the future. I don't have a Paypal account at the moment but I'm pretty sure I'll need one in the future, so I've definitely learnt something from this. And I'm sure I'm not the only one.
devotchka
devotchka wrote:
EDIT:

PayPal has verified the unauthorized transfer and stolen funds have been credited back to my account. Pray

I hope the credit card company will do the same now that PayPal have recognized that it was not my fault. I have contemplated torturing the "hacker" in the most violent fashion imaginable but I called the internet crimes police instead.


ninjakannon wrote:

That's awesome! I'm glad they didn't get away with it this time, and so glad you got your money back. And I hope you'll be more careful in the future. I don't have a Paypal account at the moment but I'm pretty sure I'll need one in the future, so I've definitely learnt something from this. And I'm sure I'm not the only one.


I am feeling better, at least there is some justice. Now my fingers are crossed to solve the credit card problem, contacted PayPal, the website where the transaction happened, Jesus, the police (even tried the devil when I was in a fury worthy of Greek tragedy Mr. Green)

This is extremely stressful. I should lock myself in a safe, with no internet.
Oh, what a world we are living in.
I will post it here when things are 100% ok. It might help someone going through the same, it is hard to think straight when you are going through something like that.
Gustavus
I've been using PayPal for as long as I can remember, and it's never once failed me.... I transfer money between it and my checking accounts all the time, and use it to make all online purchases. I also use it for my eBay account for buying and selling needs, infact any auctions I make actually require you to have a PayPal account to even place a bid...

I don't think it's PayPal's fault really that some user's accounts are being compromised, it happens all the time with many other companies. It's usually (I said usually) some form of user-error, whether done consciously or not. They may have clicked a link from their email from a fake email posing as PayPal, downloaded a Keylogger, input their password on a phishing website... These are all things that could easily be prevented if users became more aware of the constant risk of these things...

Treat your PayPal username and password like you would your credit card information online... Don't go entering it around unless you're 100% you are on a secure website, and there's no (or very little) risk of it being stolen.

Well, there's my 2 cents on PayPal account compromises. Smile

I personally will continue to use PayPal till the end of it's time.
Traveller
If someone was able to delete emails AND get back into your PayPal account after you had changed the password, then a "keylogger" program probably got onto your computer, somehow. Although some keyloggers are hard to detect, many can be found with SpyBot Search & Destroy or by most of the better antivirus programs. Also, it is a good idea, no matter which antivirus program you usually run, to do occasional scans by DIFFERENT antivirus programs by using the free online versions available from Trend Micro, Kaspersky, and BitDefender.

What happens is keylogger programs keep track of your keystrokes and, sometimes, even your mouse movements, then transmit them over the Internet to someone waiting to hack your accounts. If you change your password on a site, it doesn't matter, since the keylogger would pass that information along, as well.

So, make sure you use good security programs (see this thread for further discussion), and keep them up to date.

Good luck!
ninjakannon
Traveller wrote:
What happens is keylogger programs keep track of your keystrokes and, sometimes, even your mouse movements, then transmit them over the Internet to someone waiting to hack your accounts.

Not meaning to scare you but I've seen one that also took screenshots when you clicked the mouse. That meant even if you used an on-screen keyboard or other mouse based method to enter your password it could tell. I thought that was pretty neat myself, although you could use it for very devious means.

I totally agree with what you said about regularly checking your computer for keyloggers [etc], Traveller.

I've now completely figured out how I would go about hacking someone's Paypal account and could probably succeed too. Of course I won't ever actually try this!

I think a website like Paypal should also register domains in all similar names, such as 'Puypal', Paypol' etc to stop phishing websites using them instead.


Traveller, where have you been?! Looks like so many of the older frequent members have stopped posting. Even me, substantially! Confused
zahir
mine has been deleted .they've change my password i thiink
Thumpercats
I am extremely paranoid when it comes to money, and that is the main reason why I refuse to give out credit card numbers online or open u accounts for paypal. I've seen and heard of some strange things regarding computer security, and quite frankly I have lost a lot of hope for it.

If my money is my pocket no amount of spam can take it from me.
Traveller
ninjakannon wrote:
Not meaning to scare you but I've seen one that also took screenshots when you clicked the mouse. That meant even if you used an on-screen keyboard or other mouse based method to enter your password it could tell. I thought that was pretty neat myself, although you could use it for very devious means.

Thanks, NK. I had forgotten about that aspect, too, but it IS a very common function of that kind of program.

ninjakannon wrote:
Traveller, where have you been?! Looks like so many of the older frequent members have stopped posting. Even me, substantially! Confused

Just been very busy with other people's computers and websites, and just with life, itself. Still a lot of work to do, but I hope I can start to get back to more frequent posting.

Right now, I have another setback: my router isn't working (have already gone through all the proper diagnostic steps), so now I need to get that working (or replace it) before I'm really back to full capacity.
cloudship
It's horrible to hear that and I feel worried about the online transaction security degree. I would check all my account security as mail and other online services. It is really paranoid to see any lost but cannot verify them.
CATHLEEN
Traveller wrote:
If someone was able to delete emails AND get back into your PayPal account after you had changed the password, then a "keylogger" program probably got onto your computer, somehow. Although some keyloggers are hard to detect, many can be found with SpyBot Search & Destroy or by most of the better antivirus programs. Also, it is a good idea, no matter which antivirus program you usually run, to do occasional scans by DIFFERENT antivirus programs by using the free online versions available from Trend Micro, Kaspersky, and BitDefender.

What happens is keylogger programs keep track of your keystrokes and, sometimes, even your mouse movements, then transmit them over the Internet to someone waiting to hack your accounts. If you change your password on a site, it doesn't matter, since the keylogger would pass that information along, as well.

So, make sure you use good security programs (see this thread for further discussion), and keep them up to date.

Good luck!


i had this done to me yesterday had to cancel all my accounts everything i was typing was being seen they got every detail all my dont know how they managed to get the program onto my computer !
mgeek
I recently used Paypal, but that was the only time and perhaps the last time I am going to use it.
deanhills
Why is it that PayPal is the only option outside credit cards? Surely someone should have come up with a really viable alternative and competition to PayPal? Isn't that more than half the problem here?

Ditto E-Bay?
k_s_baskar
To protect your accounts/password from phishing sites. just enter into websites directly from broweser addressbar not from your e-mail link.
Smile
mukesh
Really its very bad news. lol hacked everywere.
TurtleShell
It would be really awful to depend on paypal and to be frozen out of your account--glad that's not an issue of mine, and that I don't use it. Best of luck.
Florenceblooms
My paypal account was hacked by a Filipina, December 12, 2011. The hacker's paypal email address is r00.b0rn@yahoo.com. Her bank accounts are with Bank of the Philippine Islands. I had tried to ask paypal the complete bank account number as I can only see the last 4 digits in my profile but they wont give. She has her mobile no. 09433044331 which is always "unattended".
Here are the details:
1.) Im the owner of FLORENCE FLOWERS, AND GIFTS SHOP. A legal flower shop company in the Philippines.
2.) Dec 12, morning, while chatting at my yahoo messenger, pop out notice appeared on the rightmost bottom of my laptop screen. I opened my email, and there I saw a Paypal email stating that I sent P9,500 to paypal account: r00.b0rn@yahoo.com
3.) And there where also paypal emails stating that I requested for password change, and password change succesfull. Another email that I changed my bank account. Another email that I changed my credit card changed. And email of other details changed. She did those December 12, 2011 (Monday morning, PST)
4.) As I can still see pop notice of further money payment to the hacker, I logged on to my paypal account, but i cannot as my password has been changed.
5.) I called Paypal, but negative as their office does not operate 24/7
6.) I went to NBI, 5PM, Dec 12, and reported the incident.
7.) I tried to log on to my paypal account as my password entry were all wrong, I requested for a password reset. It lead to security question: my bank account data, and it worked as the recent bank account change made by my hacker is not yet approved so the old record still holds true. Early that day when my account was currently being hacked, I thought then that the bank account change made by the hacker was approved, so did not took chance of asking for password reset, and also cannot think well that time.
8.) I logged on to my Paypal account after my password changed was approved. Reported to them all the "unauthorized transactions", (and filed a "Dispute") made by my hacker.
9.) Around 3 or 4AM, I finally was able to call paypal, and verbally reported to them those unauthorized transactions made by my hacker.
10.) Morning when I woke up I saw in my yahoo email, that the disputes I filed for "unauthorized Transactions" were all cancelled.
11.) I called paypal again to tell them i did not cancel those Disputes I filed.They told me I did as I called them just 2 hours ago. But that cannot be possible as I was sleeping 2 hours ago. My hacker called them,and they believed she was me, and lifted the Disputes I filed.
12.) What Paypal did was to put my account on Limited Status so the hacker cannot transfer my money anymore to her paypal account
13.) Dec 22, 2011 Paypal returned/reversed the money hacked to my Paypal account.
14.) Dec 30, 2011 I received a paypal email for email change confirmation. Another email for bank account added to my account. Another email for password reset request.
15.) I called Paypal as soon as I read those emails. A specialist named Adam told me that he has spoken with me 2 hours ago. And that the hacker added a photo ID of me in my account.
If it is true that somebody has been calling them to change my bank account, my credit card, my password, my phone numbers, and worst to add a photo ID of me, then, it is so frustrating as they claim to be a secured payment facility, and yet when somebody calls them claiming she is me, they will believe her after she has answered their security questions of:
1.) for security purposes, what is your bank account number?
2.) what is your address? Those details are readily available in my flower shop website, and once they successfully hacked my account all details Paypal ask for security purposes are there in my profile.
Now, this makes me think that Paypal is the one doing the "hacking" issue. How come a photo ID of me was added (Dec. 29, 2011) in my Paypal profile when I have just recently(Dec 14, 2011) changed my Paypal, and email passwords. Only I, and Paypal know my Paypal password, and if the hacker is calling them can a .jpg photo be added by just calling the phone?
There 2 options there to add a photo one is by fax, and one is online? The photo ID was not added by fax. It was added online, meaning the hacker opened my profile, and added that ID, and at the same time changed my bank account to hers, so when Paypal release my frozen money, it will go the new bank account - the hacker's bank account. Maybe that is the reason why they cannot give me the hacker's full details.
I had suggested Paypal to improve its security system as is sucks. And one thing I suggested is for paypal users to have their own secret access code which they can mention during phone calls. But they always reply to me saying "Appeal Denied". Hence, if they do not want to improve their security system, then they have a problem.
One reason I can only think why they do not want a secret access code for each paypal user is that, they will have no reason anymore to tell the authentic Paypal user when the later's account details are changed without his knowledge, or when a paypal account is "hacked"
Evaluating everything that happened to my account, Paypal is not secured
pll
The only thing I have to say :
BE CAREFUL

I don't think Paypal got hacked I just think someone clicked somewhere that he shouldn't.
deanhills
I just think hackers are getting smarter and smarter and upping the ante for preventive measures. My Bank phones me after every transaction I've made with my Visa Credit Card (I don't make that many) to check it is really I who made it. It's just not that secure out there. Probably better to go back to the good old days where they kept their money under the mattress. Banks don't pay that high interest any more either and the costs of having accounts are not worth having banking accounts any longer. I'm getting the feeling these days that my money belongs more to the Bank than me. And I have to pay for every additional safety measure that the Bank has to acquire in order to "protect" my money.
radiohead
I joined this site to share my story. I've been a Paypal member since 2000 and never had any problems. However in January 2012, on a whim, I tried to log in to my account (I hadn't checked it in well over a month). My e-mail/password not only did not work, but Paypal said they were not recognized. I knew then that it had been compromised.

I was unable to file any disputes or send them any e-mails, because it kept asking for my ID, and technically, I had no account anymore. I phoned the support line (check bottom of main PP page). It turns out that the previous night, someone hacked my account, changed the password/e-mail, and transferred $$ into their account ($1000...I know, mistake keeping that much in there). Turns out the Paypal system somehow stopped the transfer & reversed it prior that day, though my account still read $0. The support person was helpful, made sure I got a refund with no fees, and put my account on "limited" status, meaning no funds could be removed, even by me, until I provided Paypal with two forms of proper ID. I also changed my password to something totally different.

However, 3 weeks later, I tried to log in under the new password, and it again wasn't recognized. Turns out it happened again, the same way as before. This time it was a different address, and was transferred to a Wells-Fargo account in Arizona (per the support person). Even they were unsure how/why the funds were allowed to be transferred when the account was still supposedly locked (I sent PP no ID). She was very helpful and transferred the funds back for me, and made sure I not only changed my Paypal password, but my e-mail password, and suggested I run another security scan. I did with Adaware free version and it found a trojan, possibly a keylogger. I also took all other e-mail accounts off my Paypal account (just my main one). 6 weeks and still no other problems, knock on wood.

If you are hacked and $$ is removed from your account, you need to call the support line for quickest results. Also remember to change your main e-mail address and PP password, as well as removing all other e-mails from the account. And run a security scan.

Good luck.
ocalhoun
radiohead wrote:
I did with Adaware free version and it found a trojan, possibly a keylogger. I also took all other e-mail accounts off my Paypal account (just my main one). 6 weeks and still no other problems, knock on wood.

Yep, and there's your culprit.
I wonder if paypal tried to prosecute the guy?

Just a little scrap of software on your computer that records every keypress (and mouse clicks too, for the more sophisticated ones), and then sends them to whoever made the program.
Much easier than hacking paypal itself!

Nice to hear that paypal was so good about it though. I've always had good luck with that kind of thing with them too... once bought something on ebay that simply was never shipped to me, and when the seller didn't respond to my questions, paypal gave me a full refund, no questions asked.
nevelis
Very nasty! To defend your funds and your privacy you must be VERY VERY careful, even paranoid. Be careful what you share over the net, look at your passwords, etc. Even then, there is no guarantee...
paypalhack
Yes I agree too that Paypal should put some time to make their security better because it is quite easy for hackers to steal money.
zimmer
paypalhack wrote:
Yes I agree too that Paypal should put some time to make their security better because it is quite easy for hackers to steal money.


Paypal is secure for me..
I strongly suggest if you have more than $300 then transfer it to your bank account..in this way your money is secure..

What i dont like with paypal is the charges is too big..and money transfer double charges..
silverdown
I read on some article that paypal claims if u store money with them it not really yours anymore it's there. I dont use Paypal for that reason
crystalkey
It's their money. Just like when you deposit funds into a bank, it's their money as well. You just have the right to claim it and use it. PayPal is like any other bank. They are just a funds processor.

It is up to you to defend yourself against unauthorized transactions by not allowing people to use your password, regularly scan your PC for viruses and trojans, and above all, only download software / MP3 files from trusted sources. When it comes to your money, leave nothing to chance and take as many safeguards as possible.
futurcat
ninjakannon wrote:
devotchka wrote:
By the way, how could "they" even know I had a paypal account by hacking my e-mail, how about my password?
"They" got into my e-mail after getting into my pp account and then, even my credit card was used fraudulently.

You can't tell which they got into first; they may have got into your email but not made any changes. As for knowing that you had a PayPal account, perhaps they didn't! They could have got into your email and then used the 'Forgot your Password?' feature on the PayPal website to send a new password to your email. If no email was sent then they could discard your email, or sell it on to others. If it worked then they could log into your Paypal account and delete the email from your inbox. I'm sure they have other methods, also.
I can't tell you how they got your email address, nor can I explain how they got your password. But the most innocent things on the web can turn out to be far more deadly than you could ever imagine (often without you even realising it).
OH! I've just had a devious thought. There's a 'Forgot Your Email Address?' feature on Paypal too. This allows you to enter some details about yourself to reveal your password. But you could take advantage of this by setting up a form filling macro that ran through a list of people. And they could have bought this list of people. (However, they can't have done this to you as that would only work if you hadn't added a bank account, credit or debit card to your account.)

If I can think of these techniques in a few minutes I'm sure they can come up with far better ones.

devotchka wrote:
I have never disclosed my password to anyone, nor have I ever fallen victim to any of the PayPal scams. My computer is free of virus infection, security was never a problem here. Well, thank you all for your support. This too shall pass and justice will be served.

Like I said, they can be devious. I rarely visit 'dodgy' websites, never even open spam mail or give my password away. I almost always check that I'm not being phished. Yet somehow when I run my virus scanner something is found to be infected; I have no idea where these things come from! It's not common, but I've had it.

devotchka wrote:
EDIT:

PayPal has verified the unauthorized transfer and stolen funds have been credited back to my account. Pray

I hope the credit card company will do the same now that PayPal have recognized that it was not my fault. I have contemplated torturing the "hacker" in the most violent fashion imaginable but I called the internet crimes police instead.

That's awesome! I'm glad they didn't get away with it this time, and so glad you got your money back. And I hope you'll be more careful in the future. I don't have a Paypal account at the moment but I'm pretty sure I'll need one in the future, so I've definitely learnt something from this. And I'm sure I'm not the only one.


I am scared now. Probably a learning is to keep all passwords different and well protected.

Do you agree?
slimviking
devotchka wrote:
My PayPal have been hacked and funds taken off.

Please, beware and check your paypal accounts as soon as possible, if you find that you have the same problem open a dispute (investigation of an unauthorized activity claim). The more reports - the more chance we have of having our money back.

Somehow this person is cancelling disputes to slow down the investigations and the cases are getting closed.
I changed my paypal password but they managed to get into my account again


Sounds like that your computer was infected by some trojan horse.

If your antivirus said nothing would be better reinstall your operating system.

Before reinstalling anything try to uninstall your antivirus and install a trial copy of emsisoft antimalware thatn imho is the best antivirus. It's free trial that works for a month and, if your pc is infected will eliminate the infection.

Watch out for anything that came from mail and UNINSTALL JAVA.
few sites require it and poses unacceptable risks
zimmer
devotchka wrote:
My PayPal have been hacked and funds taken off.

Please, beware and check your paypal accounts as soon as possible, if you find that you have the same problem open a dispute (investigation of an unauthorized activity claim). The more reports - the more chance we have of having our money back.

Somehow this person is cancelling disputes to slow down the investigations and the cases are getting closed.
I changed my paypal password but they managed to get into my account again
I think they are also getting into our e-mail accounts. The "case closed" message was deleted from my mailbox.

I contacted paypal through their own contact form, opened a dispute without an ID changed each and every password, security questions, deleted credit cards, am paranoid, devasted and waiting for a reply.

Anyway, just a heads up for you folks.


how much money stollen from your account? have seen the logs where it was transferred?
Related topics
This topic is locked: you cannot edit posts or make replies.    Frihost Forum Index -> Lifestyle and News -> Discuss World News

FRIHOST HOME | FAQ | TOS | ABOUT US | CONTACT US | SITE MAP
© 2005-2011 Frihost, forums powered by phpBB.