Tue 14th May 2013 at 14:30

Paypal Account Hacked

So this morning I fired up my machines armed with the usual mug of black coffee. However, I was going to need several this morning!

Sat in my Inbox were 2 receipts from Paypal for eBay purchases, that I knew I had not made. After double checking with the wife that she knew nothing about these purchases either, I rolled up my sleeves and went to work on getting my money back, all £3.63 of it!

 

Time to take action

First point of call was obviously Paypal. Once logged in, I saw that unfortunately, these emails were legitimate and while I had been laid in bed, someone had made 2 purchases via my account. So, I took the following steps:

    1. Logged in to Paypal and check details/seting were all as they should be. Thankfully, they had not changed my password.
    2. Changed my password. This was the most important step to prevent further transactions occurring.
    3. Changed my security questions. This should stop them requesting a p[assord reset etc.
    4. Disputed the transactions via the Resolution Centre -> Report a Problem -> "I want to report a transaction that I didn't authorise"

Once I had completed all the above on Paypal, I then felt obliged to let the shops them selves know about what had happened and as it was still early and the transaction had only taken place 2hours prior, I felt confident that I could prevent the unsuspecting shops dispatching the goods.

Both shops were most responsive and found the transactions quite easily and both said that they would be holding off on dispatch until Paypal had contacted them.

 

While waiting to see what happened, I decided to do some investigation, and my next port of call was eBay. By clicking through the items, I was eventually able to find the feedback that the buyer had left of the items he (yes "he", I establish that, at least online, the culprit was male) had bought. I now had his eBay username and looking at his profile, I could see he was a new user to eBay and if I had my way, he would be losing his account very shortly.

So, the next step was to report him, however, eBay do not appear to give a way to report member accounts that has fraudulently used someone elses Payment details and after much digging, I finally manage to get hold of a phone number and speak directly to a human.

After explaining the situation, they suggested that even though the fraudster had not actually accessed my eBay account, they would recommend changing the password as a precaution and told me how to block the user from my seller account (which I felt was a little odd). The woman I was talking to said, as far as she could tell I had done everything and they would start an investigation also.

 

Lesson Learnt

Change your password often and make sure it is a strong one. Although mine was certaiunly not what you could call weak, it was obviously not strong enough.

Be diligent and keep an eye on your Paypal transaction via the Paypal website. I was lucky, they did not reset my password, nor change my email address.

Paypal is easier that eBay to report this type of issue

 

Incidentally, while I have been typing away, I have noticed that Paypal have already gotten a refund for one of the purchases, but are waiting for the comic shop to feed back, so it looks like this is going to have a happy ending.

 

One finally word

I was quite luck that this fraudster (Andrew) was extremely modest with his £0.99 and £2.64 purchases were and that he was very stupid. Why was he stupid? Well, mainly for 2 reasons:

    1. He foolishly left feedback on eBay for his two purchases, which allowed his username to be revealed
    2. It looks like he used his own address as the shipping address and while his surname is not valid, his name appears to be Andrew

Here are those details to name and shame:

    • Used Name: Andrew w345g (This looks like a left hand scan of keys)
    • Address: 23 Brakefield St, Shetland, Rentrewshire, ZE2 9DL. United Kingdom
    • eBy Username: andrew34g

He likes the "Outsiders" comic and I suspect that the Noddy book was for a younger relation.

 

Update - 2013-05-21

All well that ends well. Paypal have awarded me a refund from the 2nd shop, so that's it all £3.63 refunded

This site uses cookies, please read my cookie policy.