posted on August 5, 2001 01:33:12 PM new
Hi everyone. I currently use Paypal to process some payments for my customers on my website. I also have two merchant accounts.
My wife has an un-verified account on Paypal that she last used about 7-8 months ago. She has not logged into the site during this time period.
Last week, two payments were made from her account to two internet service providers! She received the email in the evening, and immediately forwarded it to me. I logged onto Paypal to stop the transaction (20 minutes after it had occured,), but the transaction had already gone through, and there was no way to reverse it.
The total of the two charges (about $180) came from about $50 she had in her account, and the rest on her credit card, which is on file with Paypal. She immediately called her credit card company to issue a chargeback on these two amounts.
My question is, how did this happen? She has not logged onto the system in more than eight months or so, and hasn't received, sent, or done anything with her account in that time?
I've trolled around this board a bit, and I haven't come across this happening. Most of the problems here seem to stem from chargebacks or stolen credit cards. Hers is a legit account that appears to have been 'broken into.'
Seeing how Paypal has 'access' to my business account (with our company Paypal account) I'm quite nervous about what happened. If the same people who had access to my wife's account have access to my account, they could do a heck of a lot more damage than a few hundred dollars. I'm considering cancelling my account with Paypal because of these security concerns.
Or, I might add another bank account that would be used specifically for Paypal, that I could simply leave a small amount of funds in for Paypal transactions, and keep my other account separate.
Has anyone else here had similar events occur with using Paypal (or any other service). If so, what are your thoughts on protecting yourself from unauthorized access to your Paypal account?
posted on August 5, 2001 08:32:36 PM new
I've heard that the most common way for criminals to get passwords to internet accounts, is when the victim uses these same passwords for other accounts, on other websites. I would think that if you changed your passwords on the PayPal website, that you would be secure. There's really no other way someone could break into your account, unless the PayPal servers, themselves, were hacked, and even then it is unlikely that the passwords would be stored unencrypted.
From what PayPal advertises on their website, Travelers Insurance also insures each account for up to $100,000 for unauthorized access. You may even be able to file a complaint with them to recover your inexplicable payments.
Damon would be able to offer more definitive information.
posted on September 1, 2001 12:17:16 PM new
As predicted, Paypal has not responded to my unauthorized complaint. I have heard nothing from them.
Since then, I have place a chargeback on the credit card, and I am dealing with my credit card company (who is more than happy to have my business).
I personally no longer trust Paypal at all. I've basically written off the $50 that that I lost out of my wife's account (the transaction involved money taken out of my account, and also a credit card charge.)
posted on September 2, 2001 09:22:13 PM new
Hi PelicanParts,
Please send me all information to [email protected]. Did you receive an affidavit,etc?
Unauthorized account access can result from someone gaining access to your password/email combination. Some tips on passwords:
-Do not make it intuitive
-Do not give to any web site asking for your PayPal account information (password/email combination)---Report such requests to us immediately.
-Do not enter any site that is not www.paypal.com (that isn't us, but has a site that looks like ours)
-Do not use the same password combination you do at another site
I could cover a few more tips, but these are the ones that lead to the greatest amount of password security.
posted on September 2, 2001 09:42:54 PM new
pelicanparts,
Yes, on August 23,2001, I had six unauthorized charges on my PayPal account which totaled $2,945.00. These fraud attempts utilized ACH bank withdrawals. I did not discover these transactions until August 28th. According to PayPal, it is being "investigated". Still waiting for a call back from the fraud dept. that was promised last tuesday. PayPal has since restricted and then locked my account. My advice to anyone in a similar situation would be to go you their bank and sign an Improper ACH Debit Activity form. The bank will do the investigating and reverse the charges if they are due to fraud. At the same time I would also advise you to contact your credit card fraud dept. if you have a credit card on file with PayPal. When PayPal transfers fund from you bank account, they also put holds/pending for the same amounts on your credit card.(In my case another $2,945.00) All fraudulent transcations can be delt with by contacting the fraud division of your credit card. The last thing that I would advise you to do is file a police report with whoever has jurstriction where you reside. In my case it is the Sheriff dept. I hope this has helped you or others that might read this looking for help.
posted on September 3, 2001 10:03:54 PM new
I have heard of many folks losing money after receiving a getting a message telling them to log into http://www.paypaI.com to receive an urgent message. Of course, the last letter there is Capital EYE and not lowercase ELL - but if you are viewing it in the arial font as probably 95% of folks do, it looks like paypal. And folks go there and put in a username/password and receive their so called important message. And the whole thing was just a trojan to collect the information and use it to clean out their real account.
It looks like that scam has been shut down. But my point is, there are a lot of very simple, fast talking con-man type scams out there. They don't all involve masterminds hacking into credit card files. It could be just as simple as some clever website design and a few legit-sounding emails. And people fall for it very easily.
[ edited by wbbell on Sep 3, 2001 10:05 PM ]
posted on September 29, 2001 08:15:37 AM new
pelicanparts,
Just wondering if PayPal ever took care of your problem that occurred in early August? If they did, what was the date that it was resolved?
