Online since 2002. Over 3300 puzzles, 2600 worldwide members, and 270,000 messages.

TwistyPuzzles.com Forum

It is currently Wed Apr 23, 2014 1:01 pm

All times are UTC - 5 hours



Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: Someone stealing from my PayPal account!
PostPosted: Fri May 10, 2013 1:45 pm 
Offline
User avatar

Joined: Mon Mar 30, 2009 5:13 pm
This morning I received several messages that two unauthorized payments ("donations") of 15 Euros were made from my PayPal account to a Claudio Boriani, whom I've never heard of. At first I wasn't too concerned as I thought it was a scam, someone sending the e-mails to get me to click on a false link so that they could phish for my account details. But then I received further e-mails from PayPal saying they were picking up suspicious activity in my account, and asking me to go to PayPal without giving any link, to change my password and security settings and check for unauthorized activity. I did this and found the two unauthorized transactions, so I opened a dispute for PayPal to investigate, but this has made me feel very nervous, because they could have just as easily cleared out my entire account!

Has anyone else had any problems with PayPal security, had money taken fron their account without any authorization? I would like to know if this is a rare exception, or more common than I had thought. Also, I would obviously like to understand *how* it happened, and be reassured that it won't happen again.

_________________
If you want something you’ve never had, you’ve got to do something you’ve never done - Thomas Jefferson


Top
 Profile  
 
 Post subject: Re: Someone stealing from my PayPal account!
PostPosted: Fri May 10, 2013 2:16 pm 
Offline
User avatar

Joined: Thu Dec 31, 2009 8:54 pm
Location: Bay Area, California
The "how" it happen is probably impossible to answer since it requires either information only Paypal could get or only the bad guys know.

The two most common ways this happens are:

1) Malware on your computer. There are many different infostealers out there but ZeuS is the most common. Malware like ZeuS capture all of the stored passwords you may have on your machine, all of the cookies in your browser, all of the https post content that you send when you log into sites, and everything you type and the name of the window you're typing it into.

Here is a snippet from an actual log from zeus:
Code:
[Bank of America | Online Banking | SiteKey | Verify SiteKey - Mozilla Firefox]
KEYLOGGED:776

[https://sitekey.bankofamerica.com/sas/verifyimage.do]
nextAction=signon
isJavaScriptEnabled=true
CWCConversionMessage=false
conversionId=null
conversionName=null
conversionURL=null
passcode=[the user's actual password here]
cc=[the user's actual credit card number here]
mm=05
yyyy=2015
seccode=[the user's actual cvv2 number here]


*******GRABBED BALANCE*******
[https://www.bankofamerica.com/accounts-overview/accounts-overview.go?sessionid=[sensord session id&request_locale=en-us&returnSiteIndicator=GAIMW]
<div class="h2-bold-14">
                                [the user's real name here]
- Personal Accounts                     </div>
*******GRABBED BALANCE*******


The user logged into their Bank of America account and ZeuS got everything. I don't feel comfortable sharing more of the log than that. ZeuS got everything.


2) The other very common way to steal from accounts is when a user uses the same password and email address with their financial account that they used on some other website. For example, suppose you use the same password on twistypuzzles.com that you use to your PayPal account. Then anyone with access to the twistypuzzles.com database (the hosting company, Sandy, anyone with backups, hackers, etc.) can look up your email address and password (crack it if necessary) and log into your PayPal account. Giant password breaches are very common. In the last two months both LivingSocial and Evernote lost 50 million passwords, each.


Besides checking your computer for malware and using unique passwords, a pretty good way to protect your important accounts is with multi-factor authentication.

PayPal: https://www.paypal.com/us/cgi-bin/webscr?cmd=xpt/Marketing_CommandDriven/securitycenter/PayPalSecurityKey-outside
Amazon AWS: http://aws.amazon.com/mfa/
Google: http://support.google.com/accounts/bin/answer.py?hl=en&answer=180744
Facebook: https://www.facebook.com/note.php?note_id=10150172618258920

... and many other sites and services offer multi-factor auth. I use it everywhere I can.

_________________
Prior to using my real name I posted under the account named bmenrigh.


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: Yahoo [Bot] and 7 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

Forum powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group