Someone Hacked My PayPal Account

1. 91

   wordscribe43posted 12 years ago

   So I receive an email from PayPal today with a receipt for a payment to some Chinese electronics company by the name of DHgate.com in the amount of $313.50.  Okay... I didn't make this transaction.  I ONLY have a PayPal account for HP reasons. I also received an email stating my account has been limited until they hear from me.  So, I logged on and immediately changed my password.
   
   I tried to change my bank account number associated with the PayPal account, but they won't let me since my account is "limited".  Anyway, I went straight to the resolution center and filed a complaint.
   
   Man, $313.50 debited from someone's account could really be a disaster if the funds weren't there.
   
   Anyway, has anyone had this happen to them?  Is PayPal good about resolving these unauthorized transactions?
   
   I really don't need this cr*p right now.

   replyreport
   1. 43

      maxraviposted 12 years agoin reply to this

      well wordscribe43.. I heard a lot of cases like this.Paypal is good in resolution for cases like this.don't worry.just keep following with them.It will little time, but surely it will be resolved.

      replyreport
   2. 72

      galleryofgraceposted 12 years agoin reply to this

      Sure hope you didn't log on from the email! Unless you see the debit in the account- it was a scam , someone trying to get you to log in to paypal from the email.

      replyreport
   3. 51

      SmithJeffreyposted 6 years agoin reply to this

      Deleted
2. 59

   CulinaryFoolposted 12 years ago

   You should call them immediately. And yes -- they have a Resolution Center that is pretty good about resolving these issues. They'll also be able to tell you what you need to do next.

   replyreport
3. 91

   wordscribe43posted 12 years ago

   Thanks, guys.  I didn't know there was an option to call them, however.  I guess I'll look into that since I feel very on edge right now.
   
   This sucks.

   replyreport
4. 76

   LuisEGonzalezposted 12 years ago

   This is a scam similar to other scams featuring Fedex, UPS and other carriers where you are told that your account needs to be updated or revised or has been compromised or severely limited.
   
   Once you change it and input new passwords, the account is basically theirs. This is originating from Russia and some parts of China.
   
   Paypal is very good at resolving issues, but keep in mind that you provided your information, albeit through a scam that looks quite good and easily passes for a real Paypal notification.

   replyreport
   1. 91

      wordscribe43posted 12 years agoin reply to this

      I was worried about that.  A while back I received a similar notice that my account was limited.  I refused to follow the links from the email and went directly to my PayPal account.  From THERE I changed my password and security questions.  So, I figured I was safe. 
      
      PayPal is ON IT, though.  They've already emailed the seller and are waiting for a response from them.  So FAR the funds have not been debited from my account and I'm hoping they will never be.
      
      I'd close the whole thing if I didn't have HP ads money coming in this month. 
      
      Thanks for your response.  It's a scary world we live in.

      replyreport
      1. 76

         LuisEGonzalezposted 12 years agoin reply to this

         If your funds have not been debited, then you are probably safe. The issue arises if the funds are debited and you notified Paypal afterward.

         replyreport
      2. 96

         Glenn Stokposted 12 years agoin reply to this

         The funds were never debited from your account because it never really happened. Just as LuisEGonzalez said, this is a scam. 
         
         The important thing that you did not indicate is... did you change your password by logging in via a link from THAT email?  Or did you log in by typing the URL in your browser?  If you never followed the link then you probably are safe. But if you clicked on the link in th email then you did not log on to PayPal. You logged on to a spoof site that looks just like it. Then when you changed your password you actually gave them your real password, which is still the same (unchanged) on your PayPal account. This gives them the ability to log in and withdraw all your money. 
         
         Bottom line, no legitimate bank or valid institution will ask you to log in by clicking FROM the email. Never do that and you will always be safe.
         
         For now, I would suggest you log in to PayPal directly and check to see which password works. Your prior one or the new one. And you'll know where you stand if you understood what I was saying..

         replyreport
         1. 91

            wordscribe43posted 12 years agoin reply to this

            Yes... I never followed the link from any email.  I know better!  I went straight to my PayPal account by typing it into my browser.
            
            So, I don't know what happened, really.  You're right, the funds haven't been debited (thank goodness) and PayPal has been VERY responsive.  I'm not very worried at this point.  Thanks for the reassurance all.

            replyreport
            1. 72

               galleryofgraceposted 12 years agoin reply to this

               Everyone should also remember to use the secure link: "https:" from the browser.

               replyreport
5. 94

   melbelposted 12 years ago

   PayPal is amazing about their resolution. In fact, I have written articles for someone in the past, sent them to the person and then they filed a PayPal thing saying they never received the articles. PayPal then refunded their money. This is why I have really strict rules about writing articles for people online these days... I get PayPal scammed like that.
   
   That said, on the other side of things, before my ex-husband and I met, he had a situation JUST LIKE YOURS happen except the hacker used PayPal to empty out his bank account. PayPal fixed the situation and worked with his bank so that he wasn't charged an overdraft fee.

   replyreport
   1. 96

      Glenn Stokposted 12 years agoin reply to this

      Melbel,  I have use two other credit card processing services in my 30 years of being in business.  Now I only use PayPal to accept credit cards. They have proven more than once to have an amazing resolution center.
      
      Once I had a customer who disputed the charge with her bank, stating that her card was stolen. PayPal fought for me and won because I shipped to the address that PayPal verified to be the billing address for that card. So it was obvious that the same person who pays the card bill had received my product.  PayPal protects merchants as long as we ship to the verified billing address.
      
      I used to sell software by download and in those cases I did not have proof of shipment, since it was downloaded. So as they state in their policy, I am not protected in those cases and I can understand that. This is the same as your situation selling writing services. The only solution in your case would be to mail the articles on disk to their billing address with a tracking number.

      replyreport
6. 91

   wordscribe43posted 12 years ago

   That's soooo good to hear, Melbel.  It's scary to think what could happen.  I'm so glad I caught it when I did!  I'm impressed they worked with his bank on the overdraft fees, too.  No doubt the scenario could have been a lot worse.

   replyreport
7. 91

   wordscribe43posted 12 years ago

   You know what dawns on me, actually.  The last PayPal update I made was directly through HubPages since the PayPal address associated with my account changed a while ago.  I changed all the information directly through the HP link. Hmmm....  I did that about a week ago because I'm going to get paid by HP's ad program.

   replyreport
   1. 96

      Glenn Stokposted 12 years agoin reply to this

      wordscribe43, If you should ever follow a link from a trusted site such as HP you can still always assure yourself that you came to the real destination and not a spoof site by looking at the URL in your browser. It should show the URL of the site you are expecting and in the case of PayPal and other secure sites, it should show https:// in front of the URL. Note the "s" for secure. But I would still feel safer just using my own entry or bookmark.

      replyreport
8. 91

   wordscribe43posted 12 years ago

   I guess the lesson here is to NEVER go to PayPal indirectly, even through a trusted site like HP.
   
   The funds have now been debited from my account and I'm fuming.  I am optimistic it will be resolved, but irritated nevertheless.

   replyreport
   1. 96

      Glenn Stokposted 12 years agoin reply to this

      I thought you said that you didn't click on the link from the email. That's the only way they got your password.

      replyreport
      1. 91

         wordscribe43posted 12 years agoin reply to this

         No... I went directly from HUBPAGES, though.  Through the payment settings area...  PayPal says it could be from a virus.
         
         I never went directly through an email.

         replyreport
         1. 96

            Glenn Stokposted 12 years agoin reply to this

            You probably got a spyware virus that tracks your keystrokes and sent your password back to the hacker. Do you have a good antivirus and anti-spyware on your computer?  You should! And you should keep it up to date.

            replyreport
9. 72

   galleryofgraceposted 12 years ago

   You did it by  replying to the scam email. So, now you know better.

   replyreport
10. 61

    TLMinutposted 12 years ago

    A while ago, someone was on here asking everyone's personal information like what schools they went to. Another thread asked another question that are the type of questions you use for security set up on other sites. Hope it didn't come from that. I couldn't believe so many people answered and gave out all their info.

    replyreport
11. 61

    TLMinutposted 12 years ago

    Glenn, does it work to have a password written in a word doc program so when you go online, you can just cut and paste instead of typing it in? I can't think of why that wouldn't work but there could easily be something obvious I'm overlooking.

    replyreport
    1. 91

       wordscribe43posted 12 years agoin reply to this

       Here's what PayPal recommends:
       
       "The PayPal Security Key is a device that generates a unique, random
       access code that you can use to access your account. The PayPal Security
       Key adds an extra layer of security because the code is always changing.
       You can use it from home, work, your mobile phone, or a public computer.
       In addition, the Security Key works with any computer operating system
       and web browser that can access websites affiliated with VeriSign
       Identity Protection (VIP), it works with PayPal and EBay".
       
       You can order up to 5 security keys at the same time.

       replyreport
    2. 96

       Glenn Stokposted 12 years agoin reply to this

       TLMinut, I don't recommend keeping your passwords in a word doc file or any unencrypted file. You never know if you have a virus that will read those and send back to home base.  Look for a password program that save all your passwords encrypted.  I use one and I copy and paste from that. I also use a different password for each site. Just in case one of them gets hacked and my password gets stolen.

       replyreport