Identity Theft at eBay and PayPal

[SamHouston]

When I checked email this morning, I found one from the eBay people verifying that I had changed my country of residence from the U.S. to England. Well, that was a bit eye-catching, to say the least, since I woke up in Houston again this morning.

But when I logged in to my account, sure enough, my account had been hijacked by someone in Birmingham, England who set up a phony ID, complete with Name, address, phone number, etc.

Next, I found that he had sent 22 emails overnight (my time) offering to buy Sony Laptop computers from people who had them up for sale on eBay. That threw me into panic mode, as I envisioned my bank account being wiped clean through my PayPal account. And that's exactly what he's trying to do, looks like.

PayPal shut down the account, but this guy also has my checking account number, and because of the holiday, there's no way to contact the bank before tomorrow morning.

My question is what liability, if any, the people at eBay have if I lose money as a result of all this. The hacker got in through their back door and, since they own PayPal, he got all the information he needed to set himself up in business.

I'm still hoping that I don't lose any cash but won't be certain about that for the next few days. The security person I spoke with at PayPal was amazed that I have had an account there since 2000 and this was the first time someone had breached the thing...that REALLY makes me feel secure.

Any thoughts?

[chinaco]

Sorry that occurred. If you find out what happened or how it occurred, please let us know.

Phishing attacks are on the increase. Do you think they got your login that way?

[SamHouston]

No, I haven't used the eBay account in several weeks and didn't receive any kind of email, fake or otherwise, from them until this morning.

It appears that the hack occurred on the eBay end.

[chinaco]

Ebay owns Paypal. A couple of articles. Apparently this happens frequently. Phishing is one common way to trick people.

Hijacking & Fraud Plague eBay Users

PayPal - Horror Stories, Lawsuits, PayPal Problems & Information - Scam Alert

Make sure you use strong passwords.

Password strength - Wikipedia, the free encyclopedia

[Nords]

Quote:

Originally Posted by SamHouston PayPal shut down the account, but this guy also has my checking account number, and because of the holiday, there's no way to contact the bank before tomorrow morning. Any thoughts?

I'd e-mail your bank right away (through their website if possible) so that their on-call fraud-prevention staff can at least be held responsible.

IIRC eBay & PayPal limit their liability to $200 per transaction, but if you used a credit card (linked to your PayPal account) then you're covered by your credit card's chargeback. (I had four bad $300 transactions that I had to pursue with PayPal for $200 each and separately with my credit card company for $300 each.) I think you're required to notify everyone "promptly", whatever they think that means.

It sounds like PayPal has closed the link between them and your checking account, but if you also had your credit card linked to your PayPal account then you should let the credit-card company know right away too.

I'm not sure what this does to your PayPal transactions/feedback record. If the security breach occurred on their side then it seems that they owe you a transfer of all your ratings over to some similar name as well as a notification to all your customers so that your customers will feel comfortable continuing to do business with you.

And if PayPal is stonewalling then don't hesitate to threaten going to the media! I doubt us little guys could win a legal battle but they don't need this sort of publicity...

[SamHouston]

Chicano,

thanks for those links. They were interesting AND scary.

I forgot to mention that I ran a deep virus check as soon as eBay got me back in order and before I started on PayPal and the software did find two new Trojan horses that appeared just last night. I'm afraid that I may have opened up an email from these guys at some point that allowed the viruses to place themselves onto my hard drive. I did not, however, send them any information or open up any attachments.

I wonder if it's possible for them to plant viruses just through the "quick scan" window that my email browser is set to. That does open the email even if I don't click on the thing.

From reading the links, it sounds as if I have more work to do. Thanks again.

[SamHouston]

Nords,

Thanks for the advice. I'm going to send out an email to the bank as soon as I finish this reply and will call the credit card company.

What scares me is not knowing what the Trojan horses that I removed may have revealed before I caught them. I didn't enter any other financial sites but now I have nightmares about these guys accessing my Vanguard accounts and the like. This is the stuff of nightmares.

[FinanceGeek]

I seem to get one email a month from PayPal asking me to "update my information" or somesuch.

Which is remarkable given that I have never had a PayPal account (I only buy from EBay merchants who will take my credit card online)...

[chinaco]

Quote:

Originally Posted by SamHouston Nords, Thanks for the advice. I'm going to send out an email to the bank as soon as I finish this reply and will call the credit card company. What scares me is not knowing what the Trojan horses that I removed may have revealed before I caught them. I didn't enter any other financial sites but now I have nightmares about these guys accessing my Vanguard accounts and the like. This is the stuff of nightmares.

Consider using a different computer (trusted, secure, and scanned) and go to your online sites and change your passwords.

[SamHouston]

I get those messages also but haven't fallen for the scam. What is more dangerous, IMO, are the counterfeit sites that look like the real thing. Those are so hard to tell from the real thing that it would be easy to make the mistake of exposing a password that way.

I've been told by the PayPal people that ALL of their emails will address the recipient by first and last name and that most of the scam emails will be addressed to "dear PayPal User" or the like.

[SamHouston]

Quote:

Originally Posted by chinaco Consider using a different computer (trusted, secure, and scanned) and go to your online sites and change your passwords.

That's a good idea. It does make me wonder when I'll be able to trust this computer again. It scanned as virus free earlier this afternoon, but it's hard to feel confident that it really is. This really ticks me off.

[chinaco]

You might consider adjusting the configuration on your virus scanner to automatically scan all incoming files.

[SamHouston]

Thanks, chinaco. I'm going to do another scan right now and I'll try to make sure that I set it that way. A deep scan runs at least an hour, so I'm going to sign off and see what happens.

Thanks, guys, for the excellent advice. I'm not sure that I feel any less nervous but at least I feel like I'm doing something to limit the damage.

[joesxm3]

You should not have quick scan or preview pane active because that allows virus macros to be run without you opening the email.

We use outlook at work and I tell everyone to turn that stuff off and then to do shift+delete on any suspicious email.

I also keep a separate computer for financial stuff, although I would not keep ebay with my brokerage account.

I hope you don't get screwed too badly.

[Lsbcal]

Sounds like a nasty problem. I use Yahoo email for most things and Outlook only for very trusted financial accounts. Let Yahoo do the security stuff, I hardly see any spam as it mostly ends up in the spam folder automatically. BTW, I had a few Trojans on my system just a few weeks ago. Don't know the source but suspect a site where I downloaded a PDF on entering something into a fair. AVG caught this.

Les

[SamHouston]

Quote:

Originally Posted by joesxm You should not have quick scan or preview pane active because that allows virus macros to be run without you opening the email. We use outlook at work and I tell everyone to turn that stuff off and then to do shift+delete on any suspicious email. I also keep a separate computer for financial stuff, although I would not keep ebay with my brokerage account. I hope you don't get screwed too badly.

Thanks for the information.

I use the Mozilla Thunderbird email reader but I suppose that it will be affected in the same way that you describe for Outlook. I'm going to turn off that option next time I open the software.

I like the idea of a separate computer for financial stuff. I do have a laptop but I use it on the road a lot and sometimes the networks don't impress me as being very secure...hotels, coffee shops, and the like. I'm going to have to figure something out.

[SamHouston]

Quote:

Originally Posted by lsbcal Sounds like a nasty problem. I use Yahoo email for most things and Outlook only for very trusted financial accounts. Let Yahoo do the security stuff, I hardly see any spam as it mostly ends up in the spam folder automatically. BTW, I had a few Trojans on my system just a few weeks ago. Don't know the source but suspect a site where I downloaded a PDF on entering something into a fair. AVG caught this. Les

Les, it was AVG that caught the two Trojans on my hard drive, also. I've been a little negligent in running it everyday like I should. Never again.

Thanks.

[TexasGal]

What kind of protection do you have on your computer?

I use McAfee VirusScan Plus and while it seems pretty complete, I am wondering if I need something else that deals specifically with a certain type of intrusion (have IE7). Yikes! Your experience just literally horrifies me!

McAfee VirusScan Plus:
Firewall Protection
Virus Protection - real time scanning for viruses, trojan, suspect scripts,hybrid attacks
Spyware Protect - spyware & adware
System Guard - detects changes to my computer & alerts me when they occur.
Script Scanning - prevents Trojans from running scrips that spread viruses further. Monitors for suspect activity & alerts me when a script execution results in the creation, copying, or removal of files, or the opening of my Windows registry.
Email Virus Protection
IM Virus Protection

[CyclingInvestor]

Quote:

Originally Posted by TexasGal What kind of protection do you have on your computer? I use McAfee VirusScan Plus and while it seems pretty complete, I am wondering if I need something else that deals specifically with a certain type of intrusion (have IE7). Yikes! Your experience just literally horrifies me! McAfee VirusScan Plus: Firewall Protection Virus Protection - real time scanning for viruses, trojan, suspect scripts,hybrid attacks Spyware Protect - spyware & adware System Guard - detects changes to my computer & alerts me when they occur. Script Scanning - prevents Trojans from running scrips that spread viruses further. Monitors for suspect activity & alerts me when a script execution results in the creation, copying, or removal of files, or the opening of my Windows registry. Email Virus Protection IM Virus Protection

step 1 - switch from IE to Firefox - considerably fewer security holes, and far
fewer bad guys targeting those holes.

[SamHouston]

Quote:

Originally Posted by TexasGal What kind of protection do you have on your computer? I use McAfee VirusScan Plus and while it seems pretty complete, I am wondering if I need something else that deals specifically with a certain type of intrusion (have IE7). Yikes! Your experience just literally horrifies me! McAfee VirusScan Plus: Firewall Protection Virus Protection - real time scanning for viruses, trojan, suspect scripts,hybrid attacks Spyware Protect - spyware & adware System Guard - detects changes to my computer & alerts me when they occur. Script Scanning - prevents Trojans from running scrips that spread viruses further. Monitors for suspect activity & alerts me when a script execution results in the creation, copying, or removal of files, or the opening of my Windows registry. Email Virus Protection IM Virus Protection

I'm no expert (obviously) but it sounds as if you probably have it pretty well covered. I agree with CyclingInvestor, however, that you should switch to Firefox.