1. 

   SmartsyArtsy
   

   offline

   Member

   This morning I received 82 emails from paypal Each of 41 emails inform me that the Student Acct I opened for my teen, "name" was almost complete but I still had to sign in and choose a password. The other 41 inform me that my bank has declined the transfer of funds to those accounts. Imagine my good fortune in being financially sound enough to raise 41 kids (all now teenagers) and supply them with funds ranging from $50 to $3800.

   These student accounts were actually opened and the emails actually did get generated from the paypal routines. I had no way of preventing something like this from happening. However what I did do right is link my account to a bank account which never has more than $200 in it and limit the amount that can be transferred at any one time.

   I also only keep a $200 max in any acct that I use as a debit.

   As far as usernames and passwords, it is a PITA but I don't reuse or duplicate them for financial sites.

   I filter out a lot of Junk mail; scans report that many of them have suspicious attachments

   Any other safety tactics out there, or thoughts on paypal "security"?

   Posted 12 months ago #
2. 

   Mondoman
   

   offline

   Member

   I guess I don't understand what happened. Did an identity thief get some of your info and try to open Paypal account connected to your bank account?

   Posted 12 months ago #
3. 

   shelley
   

   offline

   Member

   You don't need much to get a PayPal account hacked. It has happened to me. A cancelled check, a little bit of work to get a little more publicly available info. It can be as simple as stealing a piece of outgoing mail from your mailbox (for instance a credit card payment check has your address, bank routing number and account number and your credit card number on it). And PayPal wasn't very easy to deal with straightening my problem out. I no longer use PayPal for anything.

   Posted 12 months ago #
4. 

   mc7
   

   offline

   Member

   Yikes. Thanks for sharing.

   FYI When my husband's wallet was stolen a couple years ago the thief was able to withdraw $200 at an ATM and Chase (yes, we've since switched to a credit union) initially refused to recognize it as fraudulent because they claimed the PIN had been used. This, in spite of the fact that they ruled the $40 spent on gas minutes before was fraudulent. There's no way the thief could have simply guessed the 4 number code... Chase did end up refunding the $200 but was at a loss to explain how it happened in the first place.

   Posted 12 months ago #
5. 

   SmartsyArtsy
   

   offline

   Member

   Mondo, what I know so far, is that the hacker got into the account, made some changes, i.e., added the 41 student accounts under my "main" account, then goes back in as the student user and requests an amount of money. I don't keep $$ in the paypal acct, so the funds to be stolen would have come from the bank acct I had linked up (which I had placed restrictions on, thankfully)

   So how did they get into my paypal acct? I don't know. They would have to have the username and password. Or, would need to know security questions and answers, birth date and cr card# and bank acct# (which in my case have nothing in common) shelley, given this scenario, your response does not make logical sense.

   Posted 12 months ago #
6. 

   Compass Rose
   

   online

   Member

   That is scary, considering that we have a chunk of money in a PayPal account. I may transfer most of it after reading this.

   Thanks for the heads-up.

   Posted 12 months ago #
7. 

   Compass Rose
   

   online

   Member

   
   

   Posted 12 months ago #
8. 

   shelley
   

   offline

   Member

   SmartsyArtsy, it might not apply in your case, but in my case it is what happened. They got my credit card number, bank acct number, address, phone # from my canceled check. Then they did the forgot password deal, and the games began -- I got locked out of my own account, and my security questions got changed, all the while a string of e-mails informed me what was happening. A lot of information can be sussed out online with stolen credit cards to pay for it (birth place and date, maiden name, residence history, and a whole lot more). PayPal contended it was entirely my fault.

   Posted 12 months ago #
9. 

   volvoguy
   

   offline

   Member

   Yes, we think of PayPal as protecting our money, when in fact, it makes it easier to extract money from us in many cases without our knowledge: Pay Pal allows outside parties to enter you into an agreement to give them access to your money without authorization, and this is all done under the radar. I've got several incidinces; 1.) I was paying for a McAffee internet security package. I thought I was making a one-time payment, instead, I had unknowingly entered into an agreement whereby McAffee could take a payment at will anytime. 2.) I made a donation at a website using a credit card. PayPal Wasn't even an option on this page. I donated $25.00. A few minutes later I see a deduction from my checking account from PayPal, for $30.00 from the same site. This one's going to as many Attorneys General as I can find applicable. These agreements are entered into unbeknownst to you - there is no notice from PayPal, nothing shows up on your statement about it, and you have to dig down through several menus to find them - if they show up at all. PayPal ain't your pal.

   Posted 12 months ago #
10. 

    onederfullone
    

    offline

    Member

    Yes, we think of PayPal as protecting our money, when in fact, it makes it easier to extract money from us in many cases without our knowledge

    Imbecile, and I'd use the rest of your vapid post to prove it.

    Anyway, 'pal' sounds so innocuous, how could it possibly be dangerous? Because if the short hairs on your neck don't bristle at the mere mention of the word 'pal', you are a facebooking idiot.

    It was designed to be 'under the table' barter-ism. Period.

    Yeah. It's so mainstream anymore. Check yourself. Too late? Brilliant.

    Posted 12 months ago #
11. 

    RichY
    

    online

    Member

    I was paying for a McAffee internet security package. I thought I was making a one-time payment, instead, I had unknowingly entered into an agreement whereby McAffee could take a payment at will anytime

    Read the terms, it states that there will be automatic renewal unless cancelled.

    You should use Kaspesky or MS Security Essentals instead

    How can a site get you PP account info - when you gave only checking account info - that is fishy

    Posted 12 months ago #
12. 

    RichY
    

    online

    Member

    SmartsyArtsy - are you sure the emails came from paypal and not just some social engineering site?

    shelley, "They got my credit card number, bank acct number, address, phone # from my canceled check"
    Stop using those checks! If you do use a check they should have a name only, maybe and address, but no phone # and a credit card # is against state and fed law as ID (verification)
    also none of those should be related to you PP account

    Posted 12 months ago #
13. 

    volvoguy
    

    offline

    Member

    " Imbecile, and I'd use the rest of your vapid post to prove it. "
    The fascist peanut gallery chimes in. Let's take a moment to praise Our Ford.
    When the fascists succeed in getting rid of currency (aka legal tender), stories like these will be so commonplace as to be not worth posting.
    Fuck your fine print: there is a palpable lack of candor, here and it involves your money.

    Posted 12 months ago #
14. 

    shelley
    

    offline

    Member

    RichY, when paying your credit card bill by check, you are directed to write your account # on the check. Doesn't really matter though because the payment coupon has it. My outgoing mail was taken out of my mailbox. I don't send my mail that way any more.

    My point was not well-stated, but your identity can be stolen more easily with outgoing mail than with incoming mail.

    Posted 12 months ago #
15. 

    RichY
    

    online

    Member

    Shelly – It is true that the Recycle bin is the #1 place for ID theft, pay CC direct on the cards site or pay by phone. I have not written a check for over a year and that was to my dentist (he is old school.

    Really your checks should only have your name (or pseudonym)

    American Express is great - 30 day payment due - no chance of making payments and they are ugly on an ape against any fraud.

    Posted 12 months ago #
16. 

    SmartsyArtsy
    

    offline

    Member

    RichY, according to Paypal, they did come from their site.

    Posted 12 months ago #
17. 

    oldguybc
    

    offline

    Member

    SA, sorry about your predicament, hope nothing causes you to lose anything...
    I just saw on Anderson Cooper tonite there are little square boxes that look like an IPad that you can buy on- line for about $100 that can scan all info from the credit cards in your wallet or purse from just a few feet away, scary, going out and buying one of these plastic/metal wallet shields tomorrow (BestBuy)

    Posted 12 months ago #
18. 

    SmartsyArtsy
    

    offline

    Member

    oldguybc-- all the more reason to only carry debit cards with a small amount loaded and AMex because they are great at backing you up against fraudulent charges.

    Posted 12 months ago #
19. 

    Mondoman
    

    offline

    Member

    shelley, almost all billers used to ask for that account number written on check business, but I stopped doing it many years ago just because I was lazy. Not writing the account number didn't hurt anything, and I've noticed in recent years that the pay stub only includes the last digits of the account number, not the whole number anymore -- probably to prevent what happened to you!

    SA -- IIRC you use a Mac rather than a PC. There have been reports in the past few months of some new and dangerous malware/viruses targeted specifically at OS X because nobody uses an antivirus program on the Mac. These have targeted account names and logins for banks, paypal and so forth, so perhaps you've been infected?

    If you want to switch over to Bitcoins, I've got a few I'd sell you for a ridiculously high price!

    Posted 12 months ago #
20. 

    SmartsyArtsy
    

    offline

    Member

    Mondo, I do use a Mac and do security scans daily. To my knowledge I have never gotten a virus although there is an email with an attachment which is flagged as malicious at least 5 days/wk. I still don't know how they got into my acct.

    I am. SO GLAD I bank with a responsive bank, and, as of today it appears that $$$ are returned.

    Posted 12 months ago #
21. 

    Mondoman
    

    offline

    Member

    Yay! Feel free to plug the good bank on Yelp or elsewhere -- it's always good to know who the good local businesses are.
    I guess we don't get to call you "quadragintaunomom" (a la octomom...)

    Posted 12 months ago #
22. 

    Ballardbuzz
    

    offline

    Member

    One oversight of mine was that the checking acct was linked to a Line of Credit. That was unfortunate; something else to watch out for.

    Mondo, Just call me doggomom

    Posted 12 months ago #
23. 

    SmartsyArtsy
    

    offline

    Member

    Mondoman- It's too bad but I feel paranoid now, to announce who I bank with. How ever did you find out what someone with 41 children is called. There's just one thing you are not aware of and that those 41 are just my teenagers. I have 50 other kids who are younger or older and of course there are the animals, so what do you call a mom of 100?

    Posted 12 months ago #
24. 

    onederfullone
    

    offline

    Member

    Busy?

    Posted 12 months ago #
25. 

    iPlod
    

    offline

    Member

    Artsy

    Posted 12 months ago #
26. 

    shelley
    

    offline

    Member

    Smartsy, you are so prolific! How did you manage all the multiple births?

    Mondoman, I just checked. We have 4 different credit cards from different institutions here -- 2 for my businesses, and 1 for each of us. All of the payment stubs have the full credit card # on them; only one is slightly changed with additional digits on the end. All of the payment instructions (as of the last statement for each) still indicate to include your credit card account # on the check. The issuing companies are BofA, Chase, Home Street and BECU. I do agree that it would make sense to only include the last 4 digits on the stub. My original statement stands -- even if I did not write the cc# on the check, the person who stole my outgoing mail can quickly determine quite a lot of information to steal my identity, and with only a slight additional outlay (using someone else's stolen credit card) can learn quite a lot more to make reasonable guesses for my security questions. We have almost eliminated checks from our life as RichY indicated, but there definitely are still a few instances where checks are still required, especially when operating a business.

    Posted 12 months ago #
27. 

    Mondoman
    

    offline

    Member

    wowsa, shelley! The two statements w/payment stubs I had handy were both from AmEx family cards, so maybe it's just AmEx that has gotten smart about ID theft.

    Posted 12 months ago #
28. 

    oldguybc
    

    offline

    Member

    Went out & got a metal wallet from Fry's last nite, nobody gonna scan (scam?) me!

    ALSO...

    DON'T FORGET TO SHRED ALL YOUR JUNK MAIL!

    Posted 12 months ago #

RSS feed for this topic

Reply

You must log in to post.