ducatiboy Posted February 19, 2007 Report Share Posted February 19, 2007 I got a call yesterday from Paypal asking me if I was sending money to these couple people in Germany. I wasn't I logged into my paypal account and someone at that time was on my paypal account sending money to a bunch of places in Germany (about $400 was gone in the last 20 minutes). The lady from paypal said that she would close the account and send me a message to change the password, but after I hung up with here, $200 more was sent out so I did it myself. I quickly sent as much money left to my bank account and changed the password. And the guy used my email address to sign up for online accounts and things, and they sent me his user name and password. So I logged into his accounts and messed with them before canceling them myself. So I still have $604 and change in "dispute" now from my account, all pulled out within 30 minutes. I'm surprised that paypal called me about this. Pretty cool. The fact someone got into my account it not cool. I can't think how that happened. I recently traveled, but didn't log in on the road. Quote Link to post Share on other sites
tillithz Posted February 19, 2007 Report Share Posted February 19, 2007 was your paypal pass easy to guess? similar to something else you signed in on the road? Are you sure paypal is who called you? caller id reflect that? The reason I ask, is these crooks wouldnt surprise me if they called you directly to lure you into giving other info. That sucks though, Hope you recover all the funds, if not more for the headache Quote Link to post Share on other sites
ducatiboy Posted February 19, 2007 Author Report Share Posted February 19, 2007 was your paypal pass easy to guess? similar to something else you signed in on the road? Are you sure paypal is who called you? caller id reflect that? The reason I ask, is these crooks wouldnt surprise me if they called you directly to lure you into giving other info. That sucks though, Hope you recover all the funds, if not more for the headache When I was on the road, the only thing I checked was email. And my paypal account was nothing like what was used for that. And my paypal account was a combination of a 4 digit number code and a dictionary term. So it wasn't something as simple as just a dictionary term, I thought with 4 digits and a word that might help. Now it's many combinations of numbers and letters, hopefully much harder to brute force. The caller id can be faked, but came up with PayPal Inc and (402)9357733. I called it and got paypal. And the person on the phone didn't ask me anything but my name. She asked if I was the "owner" of a paypal account with the correct email address and then asked if I had made payments to these things.... and those were in my paypal account. If it was a scammer, would they not have tried to get more personal information? Or would they call me and tell me this was happening so I might have the ability to stop it? Seems somewhat legit. This kind of thing happened before where someone stole my credit card number somehow and used it to pay for $500 or so worth of dedicated web hosting for a couple years and put up a Vietnamese computer store web site. I did get my money back eventually. But it's more of a hassle. Quote Link to post Share on other sites
tillithz Posted February 19, 2007 Report Share Posted February 19, 2007 yeah I would bet its legit, but with these scams you cant be too safe. Quote Link to post Share on other sites
aznsmartass24 Posted February 19, 2007 Report Share Posted February 19, 2007 sounds like you got fooled by one of those phishing websites Quote Link to post Share on other sites
ducatiboy Posted February 19, 2007 Author Report Share Posted February 19, 2007 sounds like you got fooled by one of those phishing websites Sounds like it, but I have never logged into paypal any other way than just going to their main site and logging in. I usually laugh at those phishing sites and emails. I wish I knew how he got my name and password. Quote Link to post Share on other sites
PaisanNYC Posted February 19, 2007 Report Share Posted February 19, 2007 Im real sorry to hear that DB. I REALLY cant stand crooks who dont feel like getting an honest job. This may be a stupid question, but you dont use the same password for paypal that you use for websites and forums and such right? It is REAL easy to extract email addresses and passwords from PHP sites using an SQL injection. Quote Link to post Share on other sites
ducatiboy Posted February 19, 2007 Author Report Share Posted February 19, 2007 Im real sorry to hear that DB. I REALLY cant stand crooks who dont feel like getting an honest job.This may be a stupid question, but you dont use the same password for paypal that you use for websites and forums and such right? It is REAL easy to extract email addresses and passwords from PHP sites using an SQL injection. No forums I use a simple password, not dictionary, but short and simple. But financial institutions I use separate passwords for each and each one has numbers and letters. And then I don't re-use that password anywhere else. Yah, I don't trust the security of these online web forums. Quote Link to post Share on other sites
sportsfan21 Posted February 19, 2007 Report Share Posted February 19, 2007 Thats why I never leave any significant amount of money in my PayPal account. First of all, I don't like paying for items using my PP balance because then your only protection is through PP. Second, for reasons like this, I like my money to be more secure that an email address and password. My online bank accounts all need a lot longer, more complicated info then a standard password, so I keep it there. Quote Link to post Share on other sites
dwhitley0381 Posted February 20, 2007 Report Share Posted February 20, 2007 FYI... chances are you have a virus trojan on your current computer or a computer you have logged into paypal with. I know you are going to say no I have a virus protection, but I do this for a living.. I am an IT director and it happens more then you think.... I would backup what data you have and then format your computer. I would bet its been sending your key strokes back to the person who stole your identity... If you have a router that can track out going packets I would look at the log and see what IP address its going to... Quote Link to post Share on other sites
Itchy Posted February 20, 2007 Report Share Posted February 20, 2007 I agree w/ sportsfan. I always empty it when there's a balance. And if I purchase something, I always do it w/ a credit card through paypal. If anything goes wrong with the transaction, I call my CC company direct and dispute, rather than go through the elongated paypal process. Paypal isn't that secure anyway. http://paypalsucks.com/ Quote Link to post Share on other sites
cntrylvr79 Posted February 21, 2007 Report Share Posted February 21, 2007 Now that sucks. Friend of mine went through a similar problem with his paypal account. just cancelled mine because of it. Quote Link to post Share on other sites
wrx614 Posted March 8, 2007 Report Share Posted March 8, 2007 The way that they probably got your paypal info is through your email. Since paypal uses your email address to log in, all they have to do is click on forgot password, and as long as they know your bank account number or credit card number, they're in. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.