Not impressed. Not impressed at all :(

Email arrived this morning "Your payment has been initiated", followed by another "Payment accepted". I was hoping to leave early for work and was going to wait until I got home for further investigation, thinking it must be another of those fake Paypal emails. I figured I best check. Logged into Paypal and there's a transaction - transfer of money. $125 dollars to someone whose details I do not recognise. My debit card account. Panic :disturbd: :Sprint: Phoned the bank and cancelled the card - they can't do anything for 3 days, until the money has actually left the account. Humf. I've got £8 in my account now. Deleted all my cards from Paypal and changed my password for Paypal and Ebay. Logged a dispute with Paypal and they quickly (too quickly) refunded the money. The other person, who was paid with my money, has also lost out. Now bearing in mind...



I'm an IT professional
I sit behind a router and software firewall
I have an anti-virus program running
I have Spybot installed
I have a tripwire monitoring changes to the registry - they keys to start programs on boot/logon
My email address is a me.uk - not common
My password is secure - mixture of words and numbers


How did they access my account? :erm:

If you're reading this, delete your cards from Paypal. They're not be trusted.

The only card I had registered with them was my Visa Debit, & that was an old 1 that expired ages ago, so nobody would be able to get money from me via Paypal anyway, unless I registered my new card details.

Something I've been thinking about, WRT Paypal, is a card I've seen leaflets for in the local Co-op. It's like a cross between a debit card, credit card, & pre-pay mobiles. I think it uses the Mastercard system, but before being able to use it you have to top it up first with the amount you want to spend, like you do with pre-pay mobiles. I couldn't remember the name of the card so just googled for pre-pay credit-card & it appears there's quite a few. No idea of the pros & cons of any of them, but it might be something worth looking into if you want to use Paypal in the future.

Tell me about it. To eBay's credit, though, I got a warning (5 emails in fairly rapid succession, which immediately rang very loud alarm bells) that someone had tried to use my credit card details. I immediately stopped the card and cancelled both my eBay and PayPal accounts; even though I subscribe to a card protection scheme, I don't take chances. I take the same precautions - router with firewall software, PC firewall and AV, Spybot, Ad-Aware, Spyware Blaster (all of which I update every week), plus I never use IE for online transactions and my credit and debit cards are registered with Veified By Visa - so either eBay or PayPal were responsible for the info leak.

Mind you, the only reason I signed up in the first place was to buy a miniature DPST switch! :D

Mind you, the only reason I signed up in the first place was to buy a miniature DPST switch! :D




Ssssshhhhhh!!!!! Don't use acronyms like DPST, you'll have people thinking that you're a geek ;)

What's wrong with being a geek?

What's wrong with being a geek?

It's not cool :cool:

Or it is cool, just no-one realises ;)

Anyway back on topic...

Paypal hacking doesn;t always mean that they got access to your PC and keylogged the details... There's enough groups about brute forcing stuff like this...

One of the reasons as to why my paypal password consists of some of these characters as well as numbers and mixed case @#£$%^&*!()

I had my Ebay & Paypal accounts compromised in early 2005, I lost a total of £370, Ebay & paypal both refused to refund me and I had to write that amount off. After closing both accounts I opened a new Ebay account, I dont sell as I used to I just buy and I only buy if the seller accepts cheque or PO. I will not under any curcumstances use my debit or credit card with either of these companies.

Lost £40 in paypal because the person who bought a game from me on Ebay had used a possible stolen credit card ! PayPal just took the money back out of my account around 2 month's after the transaction without any warning to me. I had to contact them to find out what was going on. After contacting them they basically just gave me a load of BS and then refused to give me the money back even though it was in no way my fault !

What's wrong with being a geek?

nerds are in..this month

I had my Ebay & Paypal accounts compromised in early 2005, I lost a total of £370, Ebay & paypal both refused to refund me and I had to write that amount off. After closing both accounts I opened a new Ebay account, I dont sell as I used to I just buy and I only buy if the seller accepts cheque or PO. I will not under any curcumstances use my debit or credit card with either of these companies.

Me neither,there are been far too many security lapses..:erm:

I've always insisted on using a cheque for all my purchases from ebay.

Paypal hacking doesn;t always mean that they got access to your PC and keylogged the details... There's enough groups about brute forcing stuff like this...

One of the reasons as to why my paypal password consists of some of these characters as well as numbers and mixed case @#£$%^&*!()
Yeah they must have hacked it. But my password was a mixture of words and numbers, so not easy to crack. And they would need my email address, which isn't a common domain name. It's left me really wary :(