Sorry in advance for going on a bit but you'll see why if you have the time to read the following:


For those who buy/sell on eBay and have a Pay Pal (from now on called "PP") account, I thought I should share this rather scary experience.:eek:

I've had a PP account for a good few years - probably 6 or 7. Never had any problems with security until now.

I got an email from PP saying someone who had paid me money was disputing the payment. I was to visit their resolution centre and add my comments to the claim for them to proceed. At first I thought it was one of those phishing emails where they ask you to "confirm your details or the account would be closed" sort of things:rolleyes: . So I logged in to my PP account using the usual URL rather than the URL to click in the email. It took me straight to the resolution centre, rather than the usual account summary screen.

It turns out that a guy had paid me two payments; £380 ish and £430 ish for some football memorabilia stuff he had bought presumably from eBay. Nothing to do with me.:eek: Haven't sold anything on eBay for a year or two. Only use PP for the occasional eBay purchase (3 or 4 a year). The resolution options were aimed at genuine transactions where I could/could not prove the stuff had been delivered etc., there wasn't a button for me to click which said "WTF??? I know NOTHING about this!" so I had to call PP on Thursday to see what they had to say. I also noticed that "someone" had linked another bank account to my PP account. It was a UK registered bank account from "The Turkish Bank???" Alarm bells started to ring, big time.

Thursday came and I called them. At first I'm pretty sure it was a call centre in Asia that the call went through to, but the guy soon realised this was a more serious matter rather than a "I've forgotten my password" conversation. So I got put through to a lassie in Ireland who was very understanding and froze my PP account immediately. She's removed the Turkish bank details and they have refunded the poor bloke who paid me £800 odd for nothing.

Then today I went back in to my PP account to see what was happening. Perhaps in my ignorance - partly understandable taking into account I seldom use PP - I discovered a "Account history" button.

HOLY ****!!!:eek: :eek: :mad:

Presumably, the same person who hacked my PP account and added themselves a Turkish bank account has been paying himself out of the money he stole from the poor bloke who paid me for the goods he didn't receive. What a frikking mess. The hacker had the good grace to pay me about £12 too, for what reason I have no idea, but I have checked my bank account and that money did go in to my bank account. What is very scary is that if he had full control of my PP account (and I can only assume he did) he could have transferred a fair bit of money (you've all seen the price of popcorn lately) OUT of my bank account into my PP account then from my PP account in to his Turkish account!!!

Needless to say, I've emptied my UK bank account and given all the money to Lenore.

Now waaaaaaaaaaaaaaaaaaaaaaaaait A minute. [Thinks]. Is this some elaborate plot I wonder?:o :D

Seriously though, and joking aside, this is worrying. I know my own UK bank has a pretty secure method of logging in to electronic banking. It's shocking that PP don't have a similar system. If you have someones PP ID (usually their email address) and an idea what their password is, you have full control of their PP account. That's just wrong.

I think if I'm going to continue with any PP membership I'm going to have to open a bog standard UK bank account with nothing in it. Then just stick money in it when I need to pay money out of it.

A.:o

Exactly Andy, don't use your main account for PP, i use an account that i top up to make payments from.

Thats scary..:eek:..why..:confused: because only last week I found one day I couldn't get into ebay or my hotmail account using my normal password:eek: Seems someone had managed to hack into either hotmail or ebay, not sure which:( Luckily I was in them both the night before and caught it the next morning so no damage had been done:o One thing I will say about ebay is they have a kind of MSN type help centre and the lass on the other end sorted it out within 5 mins:D Seems the person who hacked in started to list non existant stuff for sale:eek: On the other hand its now been over a week since I reported the hacking to hotmail and I've not heard a scooby from them so far and I've filled in and sent their on line form 3 times to date..:eek:..shocking service:mad: I have another email but all my contacts are on the other one that I can now no longer access which is a PITA:mad:

I pay for items using my paypal account. However not had a bank account linked to paypal for sometime. If I sell something I get the person buying to pay direct into my bank account saving on paypal fees.;)

Big Gordy, I've just changed my eBay password just in case.;)

A.:D

A wee update: 5th January 2008

Well it seems Pay Pal have investigate and agree my account was hacked. They have removed the Turkish bank account and they have now reversed the payments so the guy who unwittingly paid me about £800 for something I wasn't selling has got his money back.

But! I checked my Pay Pal account a couple of days ago and I had been hit with £30 of transaction fees and my previous £10 credit balance was now a £25 debit balance!!! :mad: :mad: :( So, using the online email system I sent Pay Pal a wee polite email telling them they can stick their transaction fees where the sun doesn't shine and refund me the £10 I should still have in my account.

3 days later and no email reply and my account hadn't changed - still in the red.:rolleyes: So called them. Only had to wait 20 minutes for the call to be answered but at least I managed to speak to someone. They agreed I shouldn't have to pay the fees and they are crediting my £10 back.

So all in all, an eye opening experience for me.:eek:

I'm off to my bank on Monday to open a separate account that I can use just for eBay and Pay Pal, because although I'm no heavy user, every now and then a book comes up on eBay that I really want and there's seldom any other payment option other than Pay Pal.;)

A.:)

I'm off to my bank on Monday to open a separate account that I can use just for eBay and Pay Pal
Andy, make sure they don't give you an overdraft allowance on the new account ;)

Well after 2 weeks of sending emails to hotmail, with no reply untill yesterday:mad:, they have finally resolved my 'hacker' issue:D so I now have my old email address up and running again under MY control this time:rolleyes: What was really scare tho was that the hacker had listed 4 top end cameras under my ebay name with a total value of..........wait for it.........4 GRAND:eek: :eek: :eek: I'm now glad I go onto ebay/hotmail EVERY day...!!! I hate to think of what would have happened if I was an infrequent ebay user like AndyP:o ;) :D

New account opened at my Bank - no interest - no overdraft - no card etc. Just an online account with a fiver sitting in it. If they can be arsed hacking my account to steal that, there's not much I can do about it, but I've only lost a fiver.

Will deffo be keeping a closer eye on my eBay and Pay Pal accounts form now on though.

I have to admit, Pay Pal never reply to any of my emails. Always have to phone them and it can take 20 mins for the call to answered.:rolleyes: :mad:

A.:D

My case is a bit different. I applied for finance and was refused. No response to have been to I contacted Credit Expert and found 7 defaults on my credit file which were nothing to do with me! Now I have their monitoring service just in case as I would want to go through all that again!

especially after the government have now notified me that my information including bank account details are on the discs they lost! :eek:

You can never be too carefull anymore!

I have to admit, Pay Pal never reply to any of my emails. Always have to phone them and it can take 20 mins for the call to answered.

My email issue was with hotmail:mad: Took them 2 weeks to reply to any of my 4 forms filled in online:eek: Ebay were superb as they have the MSN type chatroom for fixing problems. My paypal was unaffected in all the shenaniging......fortunately:rolleyes: :D