Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
Identity Theft at eBay and PayPal
Old 09-03-2007, 04:36 PM   #1
Recycles dryer sheets
SamHouston's Avatar
 
Join Date: Jan 2006
Location: Houston
Posts: 218
Identity Theft at eBay and PayPal

When I checked email this morning, I found one from the eBay people verifying that I had changed my country of residence from the U.S. to England. Well, that was a bit eye-catching, to say the least, since I woke up in Houston again this morning.

But when I logged in to my account, sure enough, my account had been hijacked by someone in Birmingham, England who set up a phony ID, complete with Name, address, phone number, etc.

Next, I found that he had sent 22 emails overnight (my time) offering to buy Sony Laptop computers from people who had them up for sale on eBay. That threw me into panic mode, as I envisioned my bank account being wiped clean through my PayPal account. And that's exactly what he's trying to do, looks like.

PayPal shut down the account, but this guy also has my checking account number, and because of the holiday, there's no way to contact the bank before tomorrow morning.

My question is what liability, if any, the people at eBay have if I lose money as a result of all this. The hacker got in through their back door and, since they own PayPal, he got all the information he needed to set himself up in business.

I'm still hoping that I don't lose any cash but won't be certain about that for the next few days. The security person I spoke with at PayPal was amazed that I have had an account there since 2000 and this was the first time someone had breached the thing...that REALLY makes me feel secure.

Any thoughts?
__________________

__________________
"Be careful about reading health books. You may die of a misprint." - Mark Twain
SamHouston is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Old 09-03-2007, 04:57 PM   #2
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Feb 2007
Posts: 5,072
Sorry that occurred. If you find out what happened or how it occurred, please let us know.

Phishing attacks are on the increase. Do you think they got your login that way?
__________________

__________________
chinaco is offline   Reply With Quote
Old 09-03-2007, 04:59 PM   #3
Recycles dryer sheets
SamHouston's Avatar
 
Join Date: Jan 2006
Location: Houston
Posts: 218
No, I haven't used the eBay account in several weeks and didn't receive any kind of email, fake or otherwise, from them until this morning.

It appears that the hack occurred on the eBay end.
__________________
"Be careful about reading health books. You may die of a misprint." - Mark Twain
SamHouston is offline   Reply With Quote
Old 09-03-2007, 05:20 PM   #4
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Feb 2007
Posts: 5,072
Ebay owns Paypal. A couple of articles. Apparently this happens frequently. Phishing is one common way to trick people.

Hijacking & Fraud Plague eBay Users

PayPal - Horror Stories, Lawsuits, PayPal Problems & Information - Scam Alert

Make sure you use strong passwords.

Password strength - Wikipedia, the free encyclopedia
__________________
chinaco is offline   Reply With Quote
Old 09-03-2007, 05:20 PM   #5
Moderator Emeritus
Nords's Avatar
 
Join Date: Dec 2002
Location: Oahu
Posts: 26,616
Quote:
Originally Posted by SamHouston View Post
PayPal shut down the account, but this guy also has my checking account number, and because of the holiday, there's no way to contact the bank before tomorrow morning.
Any thoughts?
I'd e-mail your bank right away (through their website if possible) so that their on-call fraud-prevention staff can at least be held responsible.

IIRC eBay & PayPal limit their liability to $200 per transaction, but if you used a credit card (linked to your PayPal account) then you're covered by your credit card's chargeback. (I had four bad $300 transactions that I had to pursue with PayPal for $200 each and separately with my credit card company for $300 each.) I think you're required to notify everyone "promptly", whatever they think that means.

It sounds like PayPal has closed the link between them and your checking account, but if you also had your credit card linked to your PayPal account then you should let the credit-card company know right away too.

I'm not sure what this does to your PayPal transactions/feedback record. If the security breach occurred on their side then it seems that they owe you a transfer of all your ratings over to some similar name as well as a notification to all your customers so that your customers will feel comfortable continuing to do business with you.

And if PayPal is stonewalling then don't hesitate to threaten going to the media! I doubt us little guys could win a legal battle but they don't need this sort of publicity...
__________________
*
*

The book written on E-R.org, "The Military Guide to Financial Independence and Retirement", on sale now! For more info see "About Me" in my profile.
I don't spend much time here anymore, so please send me a PM. Thanks.
Nords is offline   Reply With Quote
Old 09-03-2007, 05:41 PM   #6
Recycles dryer sheets
SamHouston's Avatar
 
Join Date: Jan 2006
Location: Houston
Posts: 218
Chicano,

thanks for those links. They were interesting AND scary.

I forgot to mention that I ran a deep virus check as soon as eBay got me back in order and before I started on PayPal and the software did find two new Trojan horses that appeared just last night. I'm afraid that I may have opened up an email from these guys at some point that allowed the viruses to place themselves onto my hard drive. I did not, however, send them any information or open up any attachments.

I wonder if it's possible for them to plant viruses just through the "quick scan" window that my email browser is set to. That does open the email even if I don't click on the thing.

From reading the links, it sounds as if I have more work to do. Thanks again.
__________________
"Be careful about reading health books. You may die of a misprint." - Mark Twain
SamHouston is offline   Reply With Quote
Old 09-03-2007, 05:43 PM   #7
Recycles dryer sheets
SamHouston's Avatar
 
Join Date: Jan 2006
Location: Houston
Posts: 218
Nords,

Thanks for the advice. I'm going to send out an email to the bank as soon as I finish this reply and will call the credit card company.

What scares me is not knowing what the Trojan horses that I removed may have revealed before I caught them. I didn't enter any other financial sites but now I have nightmares about these guys accessing my Vanguard accounts and the like. This is the stuff of nightmares.
__________________
"Be careful about reading health books. You may die of a misprint." - Mark Twain
SamHouston is offline   Reply With Quote
Old 09-03-2007, 05:49 PM   #8
Recycles dryer sheets
 
Join Date: Jun 2007
Posts: 359
I seem to get one email a month from PayPal asking me to "update my information" or somesuch.

Which is remarkable given that I have never had a PayPal account (I only buy from EBay merchants who will take my credit card online)...
__________________
FinanceGeek is offline   Reply With Quote
Old 09-03-2007, 05:52 PM   #9
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Feb 2007
Posts: 5,072
Quote:
Originally Posted by SamHouston View Post
Nords,

Thanks for the advice. I'm going to send out an email to the bank as soon as I finish this reply and will call the credit card company.

What scares me is not knowing what the Trojan horses that I removed may have revealed before I caught them. I didn't enter any other financial sites but now I have nightmares about these guys accessing my Vanguard accounts and the like. This is the stuff of nightmares.
Consider using a different computer (trusted, secure, and scanned) and go to your online sites and change your passwords.
__________________
chinaco is offline   Reply With Quote
Old 09-03-2007, 05:53 PM   #10
Recycles dryer sheets
SamHouston's Avatar
 
Join Date: Jan 2006
Location: Houston
Posts: 218
I get those messages also but haven't fallen for the scam. What is more dangerous, IMO, are the counterfeit sites that look like the real thing. Those are so hard to tell from the real thing that it would be easy to make the mistake of exposing a password that way.

I've been told by the PayPal people that ALL of their emails will address the recipient by first and last name and that most of the scam emails will be addressed to "dear PayPal User" or the like.
__________________
"Be careful about reading health books. You may die of a misprint." - Mark Twain
SamHouston is offline   Reply With Quote
Old 09-03-2007, 05:55 PM   #11
Recycles dryer sheets
SamHouston's Avatar
 
Join Date: Jan 2006
Location: Houston
Posts: 218
Quote:
Originally Posted by chinaco View Post
Consider using a different computer (trusted, secure, and scanned) and go to your online sites and change your passwords.
That's a good idea. It does make me wonder when I'll be able to trust this computer again. It scanned as virus free earlier this afternoon, but it's hard to feel confident that it really is. This really ticks me off.
__________________
"Be careful about reading health books. You may die of a misprint." - Mark Twain
SamHouston is offline   Reply With Quote
Old 09-03-2007, 05:57 PM   #12
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Feb 2007
Posts: 5,072
You might consider adjusting the configuration on your virus scanner to automatically scan all incoming files.
__________________
chinaco is offline   Reply With Quote
Old 09-03-2007, 05:59 PM   #13
Recycles dryer sheets
SamHouston's Avatar
 
Join Date: Jan 2006
Location: Houston
Posts: 218
Thanks, chinaco. I'm going to do another scan right now and I'll try to make sure that I set it that way. A deep scan runs at least an hour, so I'm going to sign off and see what happens.

Thanks, guys, for the excellent advice. I'm not sure that I feel any less nervous but at least I feel like I'm doing something to limit the damage.
__________________
"Be careful about reading health books. You may die of a misprint." - Mark Twain
SamHouston is offline   Reply With Quote
Old 09-03-2007, 06:38 PM   #14
Recycles dryer sheets
 
Join Date: Apr 2007
Posts: 292
You should not have quick scan or preview pane active because that allows virus macros to be run without you opening the email.

We use outlook at work and I tell everyone to turn that stuff off and then to do shift+delete on any suspicious email.

I also keep a separate computer for financial stuff, although I would not keep ebay with my brokerage account.

I hope you don't get screwed too badly.
__________________
joesxm3 is offline   Reply With Quote
Old 09-03-2007, 07:07 PM   #15
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
Lsbcal's Avatar
 
Join Date: May 2006
Location: west coast, hi there!
Posts: 5,676
Sounds like a nasty problem. I use Yahoo email for most things and Outlook only for very trusted financial accounts. Let Yahoo do the security stuff, I hardly see any spam as it mostly ends up in the spam folder automatically. BTW, I had a few Trojans on my system just a few weeks ago. Don't know the source but suspect a site where I downloaded a PDF on entering something into a fair. AVG caught this.

Les
__________________
Lsbcal is online now   Reply With Quote
Old 09-03-2007, 07:48 PM   #16
Recycles dryer sheets
SamHouston's Avatar
 
Join Date: Jan 2006
Location: Houston
Posts: 218
Quote:
Originally Posted by joesxm View Post
You should not have quick scan or preview pane active because that allows virus macros to be run without you opening the email.

We use outlook at work and I tell everyone to turn that stuff off and then to do shift+delete on any suspicious email.

I also keep a separate computer for financial stuff, although I would not keep ebay with my brokerage account.

I hope you don't get screwed too badly.
Thanks for the information.

I use the Mozilla Thunderbird email reader but I suppose that it will be affected in the same way that you describe for Outlook. I'm going to turn off that option next time I open the software.

I like the idea of a separate computer for financial stuff. I do have a laptop but I use it on the road a lot and sometimes the networks don't impress me as being very secure...hotels, coffee shops, and the like. I'm going to have to figure something out.
__________________
"Be careful about reading health books. You may die of a misprint." - Mark Twain
SamHouston is offline   Reply With Quote
Old 09-03-2007, 07:49 PM   #17
Recycles dryer sheets
SamHouston's Avatar
 
Join Date: Jan 2006
Location: Houston
Posts: 218
Quote:
Originally Posted by lsbcal View Post
Sounds like a nasty problem. I use Yahoo email for most things and Outlook only for very trusted financial accounts. Let Yahoo do the security stuff, I hardly see any spam as it mostly ends up in the spam folder automatically. BTW, I had a few Trojans on my system just a few weeks ago. Don't know the source but suspect a site where I downloaded a PDF on entering something into a fair. AVG caught this.

Les
Les, it was AVG that caught the two Trojans on my hard drive, also. I've been a little negligent in running it everyday like I should. Never again.

Thanks.
__________________
"Be careful about reading health books. You may die of a misprint." - Mark Twain
SamHouston is offline   Reply With Quote
Old 09-03-2007, 08:32 PM   #18
Recycles dryer sheets
TexasGal's Avatar
 
Join Date: Jul 2007
Posts: 229
What kind of protection do you have on your computer?

I use McAfee VirusScan Plus and while it seems pretty complete, I am wondering if I need something else that deals specifically with a certain type of intrusion (have IE7). Yikes! Your experience just literally horrifies me!

McAfee VirusScan Plus:
Firewall Protection
Virus Protection - real time scanning for viruses, trojan, suspect scripts,hybrid attacks
Spyware Protect - spyware & adware
System Guard - detects changes to my computer & alerts me when they occur.
Script Scanning - prevents Trojans from running scrips that spread viruses further. Monitors for suspect activity & alerts me when a script execution results in the creation, copying, or removal of files, or the opening of my Windows registry.
Email Virus Protection
IM Virus Protection
__________________
TexasGal is offline   Reply With Quote
Old 09-03-2007, 10:17 PM   #19
Thinks s/he gets paid by the post
 
Join Date: Jul 2005
Location: Los Angeles area
Posts: 1,432
Quote:
Originally Posted by TexasGal View Post
What kind of protection do you have on your computer?

I use McAfee VirusScan Plus and while it seems pretty complete, I am wondering if I need something else that deals specifically with a certain type of intrusion (have IE7). Yikes! Your experience just literally horrifies me!

McAfee VirusScan Plus:
Firewall Protection
Virus Protection - real time scanning for viruses, trojan, suspect scripts,hybrid attacks
Spyware Protect - spyware & adware
System Guard - detects changes to my computer & alerts me when they occur.
Script Scanning - prevents Trojans from running scrips that spread viruses further. Monitors for suspect activity & alerts me when a script execution results in the creation, copying, or removal of files, or the opening of my Windows registry.
Email Virus Protection
IM Virus Protection
step 1 - switch from IE to Firefox - considerably fewer security holes, and far
fewer bad guys targeting those holes.
__________________
learn, work, save, invest, fire
CyclingInvestor is offline   Reply With Quote
Old 09-03-2007, 10:27 PM   #20
Recycles dryer sheets
SamHouston's Avatar
 
Join Date: Jan 2006
Location: Houston
Posts: 218
Quote:
Originally Posted by TexasGal View Post
What kind of protection do you have on your computer?

I use McAfee VirusScan Plus and while it seems pretty complete, I am wondering if I need something else that deals specifically with a certain type of intrusion (have IE7). Yikes! Your experience just literally horrifies me!

McAfee VirusScan Plus:
Firewall Protection
Virus Protection - real time scanning for viruses, trojan, suspect scripts,hybrid attacks
Spyware Protect - spyware & adware
System Guard - detects changes to my computer & alerts me when they occur.
Script Scanning - prevents Trojans from running scrips that spread viruses further. Monitors for suspect activity & alerts me when a script execution results in the creation, copying, or removal of files, or the opening of my Windows registry.
Email Virus Protection
IM Virus Protection
I'm no expert (obviously) but it sounds as if you probably have it pretty well covered. I agree with CyclingInvestor, however, that you should switch to Firefox.
__________________

__________________
"Be careful about reading health books. You may die of a misprint." - Mark Twain
SamHouston is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
identity theft Corporateburnout Other topics 21 10-27-2006 05:00 PM
Theft of VA data (SSNs for 26.5 million vets) Nords Other topics 25 06-26-2006 03:42 AM
Identity Theft - Maybe Eagle43 Other topics 6 06-11-2006 04:19 PM
Identity Theft Scam Eagle43 Other topics 1 02-13-2006 06:14 PM
Identity Theft haha Other topics 10 11-20-2003 11:38 AM

 

 
All times are GMT -6. The time now is 03:15 PM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.