I very rarely use PayPal, especially the account I have set up for Foxtrot use. I had to get a used/old part for a server the other day, so I sucked it up and eBayed/PayPalled.
When I went in to use my PayPal account, what appeared to be a verification screen came up - IN CHINESE!
I could not figure out how to switch back to English, so I called PayPal. After quite an interesting jaunt through their phone customer service system, I finally got to a guy who was able to set my account back to English. I did indeed need to verify my account, so this was also "interesting."
I asked the customer service guy why my account would have been switched to Chinese, and without hesitation he said, "Because it was compromised." This was also the reason for the account verification. He suggested the possibility of a keylogger virus or something snagging my password as I entered it.
Then I logged in . . . and there was a balance there. This is very strange, as I rarely keep a balance. I investigated further, and saw four transactions for 10 Euros each, to Skype . . . and then four apparent refunds back into the PayPal account. This was the shyster's method for getting money out of my linked bank account and into "cash" in my Skype account, which presumably they would have wired to their e-mail address and PayPal account.
Apparently, PayPal caught wind of the shenanigans because they suspended the transactions and required a verification on the account. Once I verified the account, I was able to restore the money back to my bank account, so no money lost.
So, what happened? Was it a keylogger as the customer service guy suggested? I don't think so, because I have not logged into my PayPal account for at least 9 months, probably more like a year. Zero transactions this year up until this snafu.
Was it a good guess at my password? I just don't see it, as my password is kind of jibberish and not prone to being guessed. It should also be noted that my password was what I expected it to be, so it was not a guess at my verification info and a reset password.
It seems more likely that PayPal itself got hacked somehow. PayPal figured it out and suspended the accounts and the transactions before the ploy could unfold completely. There are lots of stories similar to this one out there on the net - most much worse. That's my theory . . . check your PayPal account.
Saturday, January 31, 2009
Subscribe to:
Posts (Atom)
