pancakes

MicrostockGroup Sponsors


Author Topic: Paypal account hacked  (Read 6704 times)

0 Members and 1 Guest are viewing this topic.

« on: December 06, 2012, 13:09 »
0
what a cool day, openned my paypal account and saw that I had a transaction to buy gold, I have never played online games or other but I wasnt the 1st with this problem, I don't know what to do besides the complain I have made at Paypal already, will see what they will do, I had close to 100EUR taken from my account to a chinese dude called something like Mao Fen for collecting the following:

Item Title: Diablo III - EU Normal Mode 300000 K Gold

from what I have understood they do this to play that online game, how cool is that?

http://www.cnet.com.au/my-paypal-was-hacked-to-buy-dodgy-diablo-iii-gold-339341021.htm


Poncke

« Reply #1 on: December 06, 2012, 13:18 »
0
You can dispute the transaction and open a claim in the paypal resolution centre on your account. If the transaction was fraud, spoof or hack then you will get your money back.

« Reply #2 on: December 06, 2012, 13:20 »
0
You can dispute the transaction and open a claim in the paypal resolution centre on your account. If the transaction was fraud, spoof or hack then you will get your money back.

yep done that, sure they will return my dosh because I have nothing to do with it

« Reply #3 on: December 06, 2012, 13:20 »
0
Sorry to hear that Luis.

Could tell us if you have a unique password for your Paypal account or do you use a password that you use on other sites as well?

If you don't mind revealing this info but did you follow the "recommendations" on how to create a safe password (mixing lower case and upper case characters as well as using  numbers and other characters)? Did you use a password that can be found in the dictionary or is it a made up sequence of characters that don't make any sense?

I'd love to get this info.

Best wishes and I'm sure Paypal will fix the problem so you can get the money back.

« Reply #4 on: December 06, 2012, 13:25 »
0
my password has everything (numbers, characters, symbols, upper case) and it doesn't make much sense

I can also add that this guy haven't touched anything, it was just the transaction

« Reply #5 on: December 06, 2012, 13:30 »
0
my password has everything (numbers, characters, symbols, upper case) and it doesn't make much sense

I can also add that this guy haven't touched anything, it was just the transaction

Was it unique to Paypal or do you use this password anywhere else? Could it have been intercepted from another site?

« Reply #6 on: December 06, 2012, 13:30 »
0
Do you use a PayPal security key?  I've been using one for a few years, hopefully it improves security.

tab62

« Reply #7 on: December 06, 2012, 13:32 »
0
I got my paypal hacked via Facebook- whomever got my info on FB (email address). I closed done my FB account and had to close out all my accounts since my paypal was a sub-account of my main checking/debit. A total mess...

« Reply #8 on: December 06, 2012, 13:32 »
0
my password has everything (numbers, characters, symbols, upper case) and it doesn't make much sense

I can also add that this guy haven't touched anything, it was just the transaction

Was it unique to Paypal or do you use this password anywhere else? Could it have been intercepted from another site?

its unique!

« Reply #9 on: December 06, 2012, 13:33 »
0
Do you use a PayPal security key?  I've been using one for a few years, hopefully it improves security.

no and never heard of that, might take a look ;)

« Reply #10 on: December 06, 2012, 13:34 »
0
I got my paypal hacked via Facebook- whomever got my info on FB (email address). I closed done my FB account and had to close out all my accounts since my paypal was a sub-account of my main checking/debit. A total mess...

thats a lot of work :-\

« Reply #11 on: December 06, 2012, 13:35 »
0
thank god SS only pays tomorrow 8)

« Reply #12 on: December 06, 2012, 16:45 »
0
First I think, your account was hacked via a keylogger/backdoor/etc.
The other guess would be, you logged in to paypal account from elsewhere than your home/personal computer, where a malware was installed...?

In any cases, it's best to change passwords frequently...

velocicarpo

« Reply #13 on: December 06, 2012, 17:20 »
0
Very sorry to hear that Luis! Check your system for any Trojan and I would change all my other passwords, just to make sure. Sadly, noways there are so many psswd crack bots on the net that things like that happen even if you take all measurement possible.

« Reply #14 on: December 06, 2012, 17:29 »
0
I have paypal for many years, maybe close to 10 perhaps, I had another account but created another thinking of microstock agencies, it works only for that and I don't give my paypal address to anybody (only agencies), also have antivirus updated, not a cracked version ;D

thanks for all replies, will let you know how it goes!

p.s: only enter paypal at my place
« Last Edit: December 06, 2012, 17:32 by luissantos84 »

« Reply #15 on: December 06, 2012, 19:17 »
0
I got my paypal hacked via Facebook- whomever got my info on FB (email address). I closed done my FB account and had to close out all my accounts since my paypal was a sub-account of my main checking/debit. A total mess...

But even if someone knows your email address that they got from FB...they still need the password to get into your paypal account. I don't understand how your account got hacked via FB...can you explain how that happens? I don't think my email address is public for everyone on FB but I have never made a secret of my email address. I don't broadcast it, but I do use it.

« Reply #16 on: December 06, 2012, 19:28 »
0
We'll never know exactly how this was done because PayPal - obviously - doesn't want that known.  As a former software engineer I'm very curious of course.

« Reply #17 on: December 06, 2012, 20:02 »
0
We'll never know exactly how this was done because PayPal - obviously - doesn't want that known.  As a former software engineer I'm very curious of course.

indeed!

1 - my password or other details haven't changed (pretty much I have logged in and saw a transaction I haven't made, then made the complain)
2 - have talked with the site that sells the gold to play games (online chat) and they havent provided me any detail once they don't know me, they say they sent the gold after the payment, they only ask for a name and paypal address to register
3 - I can only imagine that Paypal will track his IP and see that my Paypal account has been accessed on the same IP for the last month, so they will see a different IP unless he/she is hiding behind a proxy
4 - Paypal might think I have made that transaction and I end up screwed

« Reply #18 on: December 06, 2012, 21:07 »
+2
It can be quite a bit more devious/complicated than one might guess.  For example: the fact that a transaction shows up in your account doesn't mean that your account was 'hacked' in the sense of someone gaining access to it.  All it means is that a transaction was injected into their database.  It might show up in a randomly chosen account basically as a side effect.  Their IT guys will take your report seriously, start auditing their database, and maybe find a number of similar transactions, each ending up tied to a different user account. 

In other words, there is the front door (a user name and password), but then there are the back doors.
« Last Edit: December 06, 2012, 21:10 by stockastic »

« Reply #19 on: December 07, 2012, 12:00 »
+1
Hello Luis Santos,

We've finished reviewing your unauthorized activity claim and you'll
receive a refund for the transaction amount. It may take up to 5 business
days for the funds to appear in your account.


they haven't told me any details, looks like PP works well

« Reply #20 on: December 07, 2012, 12:16 »
0
So they came through for you,  super.

« Reply #21 on: December 07, 2012, 12:31 »
0
So they came through for you,  super.

and just got the money!

« Reply #22 on: December 07, 2012, 14:16 »
0
So glad you got it sorted Luis!

« Reply #23 on: December 07, 2012, 14:25 »
0
So glad you got it sorted Luis!

thanks!

lisafx

« Reply #24 on: December 07, 2012, 14:30 »
0
Hello Luis Santos,

We've finished reviewing your unauthorized activity claim and you'll
receive a refund for the transaction amount. It may take up to 5 business
days for the funds to appear in your account.


they haven't told me any details, looks like PP works well

Very good news!  Happy you are not out the cash :)

« Reply #25 on: December 07, 2012, 14:38 »
0
Hello Luis Santos,

We've finished reviewing your unauthorized activity claim and you'll
receive a refund for the transaction amount. It may take up to 5 business
days for the funds to appear in your account.


they haven't told me any details, looks like PP works well

Very good news!  Happy you are not out the cash :)

indeed, cheers!

RacePhoto

« Reply #26 on: December 08, 2012, 01:49 »
0
Made me look into this a little. Interesting what people will do for money.

http://en.wikipedia.org/wiki/Gold_farming


grafix04

« Reply #27 on: December 08, 2012, 21:44 »
+1
Great news Luis.  PayPal are pretty good like that. 

Just a few of little tips:

When you're using PayPal or if you're doing your banking online, always close your browser windows and open a new one and then close it when you're finished before going into any other web site. 

Never click on a hyperlink because they could be hiding dodgy links on them.  It might show up as paypal.com but it might actually be something else.  Always go through paypal directly. 

Use Poppeeper to check your emails.  Disable HTML and only display plain text.  That way no sneaky html code comes up.

Google yourself and see what private information you can find about yourself online.  I actually have little decoys set up with false birth dates, age, locations etc. They way they don't know which is the correct one.


« Reply #28 on: December 09, 2012, 00:51 »
0

« Reply #29 on: December 09, 2012, 08:23 »
+1
Great news Luis.  PayPal are pretty good like that. 

Just a few of little tips:

When you're using PayPal or if you're doing your banking online, always close your browser windows and open a new one and then close it when you're finished before going into any other web site. 

Never click on a hyperlink because they could be hiding dodgy links on them.  It might show up as paypal.com but it might actually be something else.  Always go through paypal directly. 

Use Poppeeper to check your emails.  Disable HTML and only display plain text.  That way no sneaky html code comes up.

Google yourself and see what private information you can find about yourself online.  I actually have little decoys set up with false birth dates, age, locations etc. They way they don't know which is the correct one.

Great tips!!
In addition, as previously mentioned by sharpshot, I use the PayPal security key. I paid $5.00 for it a few years back.  I got a little oval plastic thingy which display a different temporary 6 digits number each time you press its button. That number is required after entering your regular password. You have only a few seconds to enter that number until it is reset. I guess an extra security layer can't hurt.

Unfortunately, I am not sure if it is available in all countries as it took a while for Canada to get it after it was available in the US.

It looks like it is $29.95 now, for a credid card size thingy which will display those same numbers, or, upon registering your smart phone, it can be sent to it for free

Here is the link:

https://www.paypal.com/ca/cgi-bin/webscr?cmd=xpt/Marketing_CommandDriven/securitycenter/PayPalSecurityKey-outside

Denis
« Last Edit: December 09, 2012, 08:33 by cybernesco »

« Reply #30 on: December 09, 2012, 09:38 »
0
thanks guys for all the tips, appreciate it and sure will be useful for everybody, I believe I had just bad luck because I am quite cautious and I never even leave money there, nice to see Paypal working so well, hope it continues!

« Reply #31 on: December 09, 2012, 20:24 »
0
The account may not have been hacked. I had a similar experience with McAfee. They sent me several renewal notices by mail and email, which I ignored because I was planning on replacing my PC with a Mac. They later sent the bill to Paypal and it was payed without my approval (apparently all they need is your email).


« Reply #32 on: December 09, 2012, 20:27 »
0
The account may not have been hacked. I had a similar experience with McAfee. They sent me several renewal notices by mail and email, which I ignored because I was planning on replacing my PC with a Mac. They later sent the bill to Paypal and it was payed without my approval (apparently all they need is your email).

that wasn't my case, the dude got some gold to play his game, actually I wrote that on the opening post but yes thats another experience added to this topic, thanks!

« Reply #33 on: December 09, 2012, 20:39 »
0
Many thanks Luis for relating this experience and I'm really glad it worked out ok for you in the end. It's been a very good 'heads up' on the vulnerability of our on-line accounts. Food for thought indeed.


 

Related Topics

  Subject / Started by Replies Last post
53 Replies
13674 Views
Last post August 05, 2016, 16:01
by redo
10 Replies
5218 Views
Last post December 13, 2015, 12:12
by stockastic
10 Replies
4514 Views
Last post November 18, 2016, 06:55
by Millionstock.com
19 Replies
5618 Views
Last post June 10, 2017, 13:49
by HughStoneIan
4 Replies
2604 Views
Last post August 22, 2017, 10:47
by niktol

Sponsors

Microstock Poll Results