Identity Theft at eBay and PayPal

SamHouston

SamHouston

Recycles dryer sheets
Joined
Jan 28, 2006
Messages
218
Location
Houston
When I checked email this morning, I found one from the eBay people verifying that I had changed my country of residence from the U.S. to England. Well, that was a bit eye-catching, to say the least, since I woke up in Houston again this morning.

But when I logged in to my account, sure enough, my account had been hijacked by someone in Birmingham, England who set up a phony ID, complete with Name, address, phone number, etc.

Next, I found that he had sent 22 emails overnight (my time) offering to buy Sony Laptop computers from people who had them up for sale on eBay. That threw me into panic mode, as I envisioned my bank account being wiped clean through my PayPal account. And that's exactly what he's trying to do, looks like.

PayPal shut down the account, but this guy also has my checking account number, and because of the holiday, there's no way to contact the bank before tomorrow morning.

My question is what liability, if any, the people at eBay have if I lose money as a result of all this. The hacker got in through their back door and, since they own PayPal, he got all the information he needed to set himself up in business.

I'm still hoping that I don't lose any cash but won't be certain about that for the next few days. The security person I spoke with at PayPal was amazed that I have had an account there since 2000 and this was the first time someone had breached the thing...that REALLY makes me feel secure.

Any thoughts?
 
Sorry that occurred. If you find out what happened or how it occurred, please let us know.

Phishing attacks are on the increase. Do you think they got your login that way?
 
No, I haven't used the eBay account in several weeks and didn't receive any kind of email, fake or otherwise, from them until this morning.

It appears that the hack occurred on the eBay end.
 
SamHouston said:
PayPal shut down the account, but this guy also has my checking account number, and because of the holiday, there's no way to contact the bank before tomorrow morning.
Any thoughts?
Click to expand...
I'd e-mail your bank right away (through their website if possible) so that their on-call fraud-prevention staff can at least be held responsible.

IIRC eBay & PayPal limit their liability to $200 per transaction, but if you used a credit card (linked to your PayPal account) then you're covered by your credit card's chargeback. (I had four bad $300 transactions that I had to pursue with PayPal for $200 each and separately with my credit card company for $300 each.) I think you're required to notify everyone "promptly", whatever they think that means.

It sounds like PayPal has closed the link between them and your checking account, but if you also had your credit card linked to your PayPal account then you should let the credit-card company know right away too.

I'm not sure what this does to your PayPal transactions/feedback record. If the security breach occurred on their side then it seems that they owe you a transfer of all your ratings over to some similar name as well as a notification to all your customers so that your customers will feel comfortable continuing to do business with you.

And if PayPal is stonewalling then don't hesitate to threaten going to the media! I doubt us little guys could win a legal battle but they don't need this sort of publicity...
 
Chicano,

thanks for those links. They were interesting AND scary.

I forgot to mention that I ran a deep virus check as soon as eBay got me back in order and before I started on PayPal and the software did find two new Trojan horses that appeared just last night. I'm afraid that I may have opened up an email from these guys at some point that allowed the viruses to place themselves onto my hard drive. I did not, however, send them any information or open up any attachments.

I wonder if it's possible for them to plant viruses just through the "quick scan" window that my email browser is set to. That does open the email even if I don't click on the thing.

From reading the links, it sounds as if I have more work to do. Thanks again.
 
Nords,

Thanks for the advice. I'm going to send out an email to the bank as soon as I finish this reply and will call the credit card company.

What scares me is not knowing what the Trojan horses that I removed may have revealed before I caught them. I didn't enter any other financial sites but now I have nightmares about these guys accessing my Vanguard accounts and the like. This is the stuff of nightmares.
 
I seem to get one email a month from PayPal asking me to "update my information" or somesuch.

Which is remarkable given that I have never had a PayPal account (I only buy from EBay merchants who will take my credit card online)...
 
SamHouston said:
Nords,

Thanks for the advice. I'm going to send out an email to the bank as soon as I finish this reply and will call the credit card company.

What scares me is not knowing what the Trojan horses that I removed may have revealed before I caught them. I didn't enter any other financial sites but now I have nightmares about these guys accessing my Vanguard accounts and the like. This is the stuff of nightmares.
Click to expand...

Consider using a different computer (trusted, secure, and scanned) and go to your online sites and change your passwords.
 
I get those messages also but haven't fallen for the scam. What is more dangerous, IMO, are the counterfeit sites that look like the real thing. Those are so hard to tell from the real thing that it would be easy to make the mistake of exposing a password that way.

I've been told by the PayPal people that ALL of their emails will address the recipient by first and last name and that most of the scam emails will be addressed to "dear PayPal User" or the like.
 
chinaco said:
Consider using a different computer (trusted, secure, and scanned) and go to your online sites and change your passwords.
Click to expand...
That's a good idea. It does make me wonder when I'll be able to trust this computer again. It scanned as virus free earlier this afternoon, but it's hard to feel confident that it really is. This really ticks me off.
 
You might consider adjusting the configuration on your virus scanner to automatically scan all incoming files.
 
Thanks, chinaco. I'm going to do another scan right now and I'll try to make sure that I set it that way. A deep scan runs at least an hour, so I'm going to sign off and see what happens.

Thanks, guys, for the excellent advice. I'm not sure that I feel any less nervous but at least I feel like I'm doing something to limit the damage.
 
You should not have quick scan or preview pane active because that allows virus macros to be run without you opening the email.

We use outlook at work and I tell everyone to turn that stuff off and then to do shift+delete on any suspicious email.

I also keep a separate computer for financial stuff, although I would not keep ebay with my brokerage account.

I hope you don't get screwed too badly.
 
Sounds like a nasty problem. I use Yahoo email for most things and Outlook only for very trusted financial accounts. Let Yahoo do the security stuff, I hardly see any spam as it mostly ends up in the spam folder automatically. BTW, I had a few Trojans on my system just a few weeks ago. Don't know the source but suspect a site where I downloaded a PDF on entering something into a fair. AVG caught this.

Les
 
Last edited:
joesxm said:
You should not have quick scan or preview pane active because that allows virus macros to be run without you opening the email.

We use outlook at work and I tell everyone to turn that stuff off and then to do shift+delete on any suspicious email.

I also keep a separate computer for financial stuff, although I would not keep ebay with my brokerage account.

I hope you don't get screwed too badly.
Click to expand...
Thanks for the information.

I use the Mozilla Thunderbird email reader but I suppose that it will be affected in the same way that you describe for Outlook. I'm going to turn off that option next time I open the software.

I like the idea of a separate computer for financial stuff. I do have a laptop but I use it on the road a lot and sometimes the networks don't impress me as being very secure...hotels, coffee shops, and the like. I'm going to have to figure something out.
 
lsbcal said:
Sounds like a nasty problem. I use Yahoo email for most things and Outlook only for very trusted financial accounts. Let Yahoo do the security stuff, I hardly see any spam as it mostly ends up in the spam folder automatically. BTW, I had a few Trojans on my system just a few weeks ago. Don't know the source but suspect a site where I downloaded a PDF on entering something into a fair. AVG caught this.

Les
Click to expand...
Les, it was AVG that caught the two Trojans on my hard drive, also. I've been a little negligent in running it everyday like I should. Never again.

Thanks.
 
What kind of protection do you have on your computer?

I use McAfee VirusScan Plus and while it seems pretty complete, I am wondering if I need something else that deals specifically with a certain type of intrusion (have IE7). :eek: Yikes! Your experience just literally horrifies me!

McAfee VirusScan Plus:
Firewall Protection
Virus Protection - real time scanning for viruses, trojan, suspect scripts,hybrid attacks
Spyware Protect - spyware & adware
System Guard - detects changes to my computer & alerts me when they occur.
Script Scanning - prevents Trojans from running scrips that spread viruses further. Monitors for suspect activity & alerts me when a script execution results in the creation, copying, or removal of files, or the opening of my Windows registry.
Email Virus Protection
IM Virus Protection
 
TexasGal said:
What kind of protection do you have on your computer?

I use McAfee VirusScan Plus and while it seems pretty complete, I am wondering if I need something else that deals specifically with a certain type of intrusion (have IE7). :eek: Yikes! Your experience just literally horrifies me!

McAfee VirusScan Plus:
Firewall Protection
Virus Protection - real time scanning for viruses, trojan, suspect scripts,hybrid attacks
Spyware Protect - spyware & adware
System Guard - detects changes to my computer & alerts me when they occur.
Script Scanning - prevents Trojans from running scrips that spread viruses further. Monitors for suspect activity & alerts me when a script execution results in the creation, copying, or removal of files, or the opening of my Windows registry.
Email Virus Protection
IM Virus Protection
Click to expand...

step 1 - switch from IE to Firefox - considerably fewer security holes, and far
fewer bad guys targeting those holes.
 
TexasGal said:
What kind of protection do you have on your computer?

I use McAfee VirusScan Plus and while it seems pretty complete, I am wondering if I need something else that deals specifically with a certain type of intrusion (have IE7). :eek: Yikes! Your experience just literally horrifies me!

McAfee VirusScan Plus:
Firewall Protection
Virus Protection - real time scanning for viruses, trojan, suspect scripts,hybrid attacks
Spyware Protect - spyware & adware
System Guard - detects changes to my computer & alerts me when they occur.
Script Scanning - prevents Trojans from running scrips that spread viruses further. Monitors for suspect activity & alerts me when a script execution results in the creation, copying, or removal of files, or the opening of my Windows registry.
Email Virus Protection
IM Virus Protection
Click to expand...
I'm no expert (obviously) but it sounds as if you probably have it pretty well covered. I agree with CyclingInvestor, however, that you should switch to Firefox.
 
I've set my laptop up for financial matters when I'm in a secure network or when I tie in directly here at home and have changed all the appropriate passwords on my financial accounts.

I hope I'm not closing the barn door after the horse escaped, but I suppose I'll know in the next few days.

Now I'm getting angry email from eBayers in the U.K. who have figured out that this guy is a thief. Makes me wonder if eBay sent out a blanket email covering everyone who received an email from the jerk wanting to overpay for their computers...his email reads like one of those Nigerian schemes.

Now that my profile has been corrected and shows the correct email address, I'm receiving all the responses that he hoped to get at his own email address.

What a day.
 
SamHouston said:
I've set my laptop up for financial matters when I'm in a secure network or when I tie in directly here at home and have changed all the appropriate passwords on my financial accounts.
Click to expand...
I was wondering when someone was going to bring up keystroke loggers.

The DoD pay site (https://mypay.dfas.mil/mypay.aspx) uses a "virtual keyboard" for entering passwords. You have to click on the alphanumerics instead of entering them from your own keyboard, and the virtual keyboard is scrambled at each login to change the mouse locations. But I guess there are ways around that too...
 
Keyloggers are definitely a threat. If SH had a Trojan, it could have been a keylogger.

SH - If you do not mind sharing the info, what did AVG report as the virus found?
By far, the most prevalent approach today is Phishing. It is a form of social engineering attack that tricks people.

Sometimes it is just that people are careless with login ids and passwords and they are stolen in other ways. This is why it is important to periodically change your passwords... Just in case.

Some systems have weak login systems (that do not limit the number of failed login attempts) and can be exploited with a dictionary attack or brute force. That is why a strong password should be used.

As an additional counter measure, I have been toying with the idea of setting up to virtual desktops on my pc with encrypted hard drive partions for each. (The other option is to setup a dual boot computer) Each system would encrypt the hardrive partition and separate login ids and passwords. I would use one system for Financial and the other for general surfing. This would help by limiting the opportunity of attack on the financial side. One would also need to setup a separate email and internet account (but could use the same ISP).

====

Take a look at this new form of threat emerging where a virtual OS Hypervisor can be downloaded and take over your entire computer without you knowing it.

Black Hat 2007: Rootkit hunters caught in cat-and-mouse game

Undetectable hypervisor rootkit challenge « rdist: setuid just for you
 
Sam, I am so sorry to hear that this happened to you. Some malicious hacker charged a very expensive Dell laptop to me back in 2000, and in my opinion this sort of "financial rape" is despicable and very harmful to one's psyche as well as one's pocketbook. I got my money back but felt violated.

In my case it was not phishing or carelessness with passwords, and was most probably caused by a Trojan horse that accessed my computer almost immediately through my first cable internet connection. Afterwards I started using Norton Internet Security and I have had no further incidents. This is probably due to luck as much as Norton, and when I pay my annual fee it is an act of faith rather than logic (a religious/spiritual donation? Wonder if I could deduct it :rolleyes:. Just kidding!).

Also I do not buy much online, and I have been afraid of getting Paypal. I am the only person you have ever "met" who has never bought or sold anything on Ebay and that is the one and only reason for that.

I still need to figure out how to change my laptop's Linksys wireless connection to my desktop computer from WEP to WPA, though. Either that, or I may just take my desktop computer out of the system completely and ditch the wireless. :p It seems like an accident waiting to happen.
 
Last edited:
One thing I've installed when using IE7 is "dropmyrights" which can be installed for free (check out with your search engine). This just brings up Explorer in non-administrative mode. Since I'm the admin on our XP Windows machine this is a very convienient and safer way to access the web. If you click on a link that requires an install to run then it will not install. Of course, you can always run IE7 in admin mode to install something legitimate.

Still did not prevent me from getting a Trojan on the system a few weeks ago. I run AVG once/day and Spysweeper once/week.

Les
 
You must log in or register to reply here.

Similar threads

S
PayPal scams I've never experienced before
Replies
4
Views
693
Sojourner
Sojourner
njhowie
PayPal Rewards
Replies
4
Views
491
Teacher Terry
Teacher Terry
AZflowers
Paypal account breach
Replies
2
Views
331
AZflowers
AZflowers
S
Treasury Direct FYI: Changing Primary Bank Information
Replies
1
Views
565
euro
euro
L
Savings bonds redeemed at treasury direct. No 1099-int
Replies
18
Views
1K
mrfeh
M

Latest posts

Back
Top Bottom