Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




Baby Get Shaky!
1586 posts

Uber Geek
+1 received by user: 396

Trusted
Subscriber

Topic # 129087 3-Sep-2013 13:57
Send private message

Last night while having a nap before work the familiar vibration indicating a new email came from my phone. Despite needing to get some shut eye I decided to check it out to see what exciting products GrabOne had for sale today. Instead I found an email from PayPal indicating that I had just sent $98 USD to an email address I've never heard of (conveniently charged to my CC). Queue mild panic. After failing to login a few times due to password error (I hardly ever use the account and set the password deliberately hazy) a reset password was in order. Upon logging in, low and behold a payment of $98 USD (charged at $131.60 NZD) had been made half an hour earlier. Thankfully it had not been claimed by the email address (a non PayPal user) so it was easy to cancel (although PayPal are yet to return to money).

Now what's got me is how they gained access to the account. The account gets very little use (a few auto payments each month and the occasional one off purchase). The password was unique and not similar to any other password I use. I am fully aware of phishing and am a stickler for checking ssl and typing in websites myself. I have not signed up to any new service in months nor made any one payments in months. The one and only machine used to login is subject to daily scans from MSE and Maleware-Bytes as well as weekly manual checks with the likes of hijackthis. No other accounts have been compromised (although all passwords have now been changed from phone) including the wifey's PayPal which she uses a lot more than me.

Other than the unauthorised payment, nothing else was altered on the PayPal account itself. I had recently set new security questions and updated all my details. An obligatory email to PayPal is yet to be answered. Everything that can be scanned, poked, prodded and inspected has been (we only have the 1 pc) and I can't find any hint as to how my account details were accessed. What am I missing?

What is also bugging me is why didn't PayPal's much hyped (and much hated) Anti Fraud system detect something was a miss. In the 10 years I've used that account, I've never sent money to a non-registered email account nor have I sent that much (I've heard too many horror stories with PayPal to entrust them with anything more than small transactions). The accounts have never been accessed outside of NZ (although I'm only speculating that it was on this occasion). Is it possible that smaller transaction (say under $100 USD) are not subject to the same scrutiny as larger ones?

Any thoughts appreciated (although please no Scan everything and Change your passwords etc, this has been done).

Cheers,

View this topic in a long page with up to 500 replies per page Create new topic
 1 | 2
Awesome
4815 posts

Uber Geek
+1 received by user: 1063

Trusted
Subscriber

  Reply # 888982 3-Sep-2013 14:15
Send private message

I'm very careful but had someone compromise my PayPal account last year.

I now have two factor auth enabled (and a new password), so that you can't log in without the Symantec VIP 2FA token code that I get via their app on my phone.

I use 2FA on everything I possible can these days.




Twitter: ajobbins


2902 posts

Uber Geek
+1 received by user: 312


  Reply # 888989 3-Sep-2013 14:26
Send private message

Same thing happened to me a few years back, even with a cryptic password too.

First got worried about even the email saying I had made a payment, checking all the links to make sure it wasnt phishing. By-passed by going direct via browser and checking URLs as I went. Same thing, mine was a nice guy sitting somewhere on the other side of the planet who plays Diablo/World Of Warcraft all day for people and gets paid for it so people can continue to work and 'level up'

The email was even something like WoWgold77@ymail or similar. Appears they stole it to pay for virtual gold within the game.

Sure enough, later on after some sweat was let out, a few emails later come the 'we have detected possible fraudlent activity on your account and disabled transactions' followed by a lockdown requiring me to attach a photocopy of proof of address etc within the online case to the fraud team. It was quite clear somehow on their back end that it was not me, be it number of attempts, exploit or brute force.

It's not unheard of. And eventually their system should trap it. Part of the issue is if you don't use it now and then however, it can't learn your geographical location and habbits to be able to detect a login from say india is out of the norm. Best practice, remove your CC details, or change the expiry date. And only re-add or change it as required.

We may even find, its a chargeback scam (seems quite popular on google for issues with paypal) not sure how that works, but potentially they are claiming against innocent people and being billed from us.

 
 
 
 


1433 posts

Uber Geek
+1 received by user: 375


  Reply # 888995 3-Sep-2013 14:36
Send private message

Same thing happened to me, right down to the email notification on my phone....except my notification was "You've hit your limit"

And suddenly I was $1,400.00 poorer, with nothing to show for it.

I disputed the charge through paypal (7 day process time) and a week later I had it all back.

In my case I suspect my password was too insecure? dictionary word plus three numbers.
HOWEVER It might be co-incidence but I did (and still do) receive fake paypal emails alerting me to "Policy Changes" saying my account information is incomplete, and my account will be closed in 37 days if I don't update it. All the emails link to hijacked domains, but i'm fairly sure I've never followed one of these?

An interesting thing about this was that the two transactions from my account, one was to a guy with a Dutch name, and one was to a Chinese name. The Dutch guy even tried to raise an invoice (visible in my paypal account) for some type of game items? World of warcraft items? Maybe League of Legends, I dont even know, I don't play any of those games. I guess the scammer did this as part of the disputes resolution, to try to claim he sold me something.

2 step authentication starts to look real good after something like this.

14285 posts

Uber Geek
+1 received by user: 2590

Trusted
Subscriber

  Reply # 889041 3-Sep-2013 15:25
Send private message

How do you set up 2 factor auth? That would be handy.

Never click on a link in any email to a financial website. Always type it in yourself, or better yet use a bookmark to avoid typos.




AWS Certified Solution Architect Professional, Sysop Administrator Associate, and Developer Associate
TOGAF certified enterprise architect
Professional photographer


BDFL - Memuneh
61784 posts

Uber Geek
+1 received by user: 12437

Administrator
Trusted
Geekzone
Lifetime subscriber



Baby Get Shaky!
1586 posts

Uber Geek
+1 received by user: 396

Trusted
Subscriber

  Reply # 889137 3-Sep-2013 17:45
Send private message

freitasm: You can't setup 2FA on Paypal New Zealand yet.


That explains why I can't find any reference on the NZ website! In this day and age it seems odd that such a large global financial company can't offer some sort of app based 2FA worldwide in the very least.

I'm heartened to hear that there are others out there who have gone through the same thing. I'd still like to know how the account was breached, but I guess I'm gonna have to let that one go. I'd be amazed if it was brute forced, surely PayPal would have protection against that.

2019 posts

Uber Geek
+1 received by user: 1131


  Reply # 889151 3-Sep-2013 18:18
Send private message

Well that settles it, my Paypal account is now GONE. I was never comfortable using it, and this proves to me there are unacceptable risks involved.

Sorry geekzone, you need to find a better way of getting donations.




Location: Dunedin

BDFL - Memuneh
61784 posts

Uber Geek
+1 received by user: 12437

Administrator
Trusted
Geekzone
Lifetime subscriber

  Reply # 889153 3-Sep-2013 18:20
Send private message

Interesting. I have had my Paypal account for more than 15 years and never had a problem. Taking in consideration the number of users around it is hard to say it's a security risk. I would say is no more (and perhaps even less than using one's credit card online.






1889 posts

Uber Geek
+1 received by user: 316


  Reply # 889154 3-Sep-2013 18:21
Send private message

I also had this happen. I didn't realize the transaction had gone through until I saw it by fluke. I realized that three other transactions had been made to my debit card via PayPal. I contacted PayPal and the money was refunded (thankgoodness).

I have no idea how they managed to get past my 16 character password. I don't use the service anymore.





Sometimes what you don't get is a blessing in disguise!

2019 posts

Uber Geek
+1 received by user: 1131


  Reply # 889176 3-Sep-2013 19:00
Send private message

Five users say they've had similar issues in just over 4 hours that seems like quite a lot...

I'd be keen to see a poll on this topic, does geekzone do polls?




Location: Dunedin

21613 posts

Uber Geek
+1 received by user: 4430

Trusted
Subscriber

  Reply # 889332 3-Sep-2013 22:49
Send private message

I havent ever had an issue with my paypal and I would use it multiple times per week. Cant recall what my password is but probably 24+ chars generated by lastpass as thats what I use most places except for some dumb sites that have low limits on what you can enter.




Richard rich.ms

1710 posts

Uber Geek
+1 received by user: 169

Trusted

  Reply # 889336 3-Sep-2013 22:59
Send private message

I've never had an issue with PayPal either, and I would have used it several thousand times in the last 8 years.



Baby Get Shaky!
1586 posts

Uber Geek
+1 received by user: 396

Trusted
Subscriber

  Reply # 889355 4-Sep-2013 00:46
Send private message

keewee01: I've never had an issue with PayPal either, and I would have used it several thousand times in the last 8 years.


Up until yesterday I would have said the same thing. I suppose it only takes one incident to change your perspective. Still it is a bit worrying that so many replies have had the same issue. Than again, PayPal reckons there fraud level ("industry-leading loss rate") is less than 0.5 so I guess a few people out of a global user base puts it in perspective.

Finally received a reply from PayPal, about as much as was to be expected :

From researching your account history, I can see that your issue has been resolved. We are continually improving our customer service and can be contacted by going to the PayPal website and clicking the Help link at the bottom of the page.

2515 posts

Uber Geek
+1 received by user: 541
Inactive user


  Reply # 889364 4-Sep-2013 06:51
Send private message

my partner had just over $1,000 taken a couple of weeks ago.

Her laptop was compromised, Paypal were very good and she got it all back, some within an hour some took a little longer.

It was a bit scary at first, but she was happy with how easy PayPal made getting the money back for her.

I can't imagine it would be that easy with a bank!

BTW she has removed her credit card from that account now!

4548 posts

Uber Geek
+1 received by user: 2516

Trusted

  Reply # 889365 4-Sep-2013 07:00
Send private message

andrewNZ: Well that settles it, my Paypal account is now GONE. I was never comfortable using it, and this proves to me there are unacceptable risks involved.

Sorry geekzone, you need to find a better way of getting donations.


I used internet banking to pay for my subscription here. I've never had a paypal account and I don't use credit cards.




Whatifthespacekeyhadneverbeeninvented?


 1 | 2
View this topic in a long page with up to 500 replies per page Create new topic



Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Geekzone Live »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.