# Ebay and Paypal



## Barren Realms 007 (Nov 11, 2015)

Hello everyone.

I'm trying to check up on something this morning. About 1:00AM My wife woke me up asking if I had bought something on Ebay and I told her no. I contacted 3 of the 4 sellers on Ebay to let them know what had happened. One of the sellers has cancelled the order. After 1-1/2 hours dealing with that I looked on my seperate paypal account and found that a bunch of paypal gift cards had been purchased through my paypal account.

We don't log onto theses 2 accounts with the same devices so I have a feeling that paypal has been hacked but I might be wrong.

I'm just letting everyone know about this so they can change your paypal passwords if you feel it is necessary.

Total racked up between the 2 account was about $4,000.00

Hope everyone has a good day.


----------



## kurtak (Nov 11, 2015)

Ouch - that's gotta hurt Frank :shock: 

Hope you are able to recover the loss - & who ever is behind it gets caught & spends a veeeery long time in prison

Personally I still believe in public hangings :twisted: 

Kurt


----------



## Barren Realms 007 (Nov 11, 2015)

kurtak said:


> Ouch - that's gotta hurt Frank :shock:
> 
> Hope you are able to recover the loss - & who ever is behind it gets caught & spends a veeeery long time in prison
> 
> ...



Thanks Kurt,

Yes I'm in the middle of getting all of the charges removed through paypal. All of the purchases were made from outside of the US. One of the sellers contacted me back and said one of the buyers accounts had multiple purchases on it. And all of the purchases that were charged to us were from different buyers so this was a large cordinated strike by someone or some group.


----------



## rickbb (Nov 11, 2015)

Was in the news yesterday about 100 million accounts from various banks and stock trading sites was stolen. The data was used in various schemes to rob people. Could be related to that.


----------



## g_axelsson (Nov 11, 2015)

Ouch! I hope everything turns out well in the end.

I would use a totally different computer and look over any site I have accessed from the one you use for eBay and change every password. And if you are using the same password on several sites then I would change them all.

I don't think paypal has been hacked, that would probably affect a lot more users and it would be hard to keep from the news. What I think has happened is that somehow a key logger program has been installed on your eBay computer/device.

I would have a hard time keeping paypal and ebay on separate devices. Many fixed price auctions demands instant payment and you have to enter your paypal password to pay.

I got a call a few days ago from an Indian call center, claiming they called for Microsoft and that I had an infection on my computer. They guided me to various programs and commands on it which would show that it was infected. To a normal user it would probably look plausible, but all they wanted was to run teamviewer to get access to my computer.
I managed to keep them on the phone for an hour until they realized they would never get access and all I was doing was wasting their time. I had quite a good time... :twisted: 

I'm not saying that you would have fallen for this scam, but there are hundreds of ways a computer can be infected, social engineering, malicious websites, infected programs, zero day exploits, missed updates... and so on.

Good luck!

Göran


----------



## Barren Realms 007 (Nov 11, 2015)

rickbb said:


> Was in the news yesterday about 100 million accounts from various banks and stock trading sites was stolen. The data was used in various schemes to rob people. Could be related to that.



Yea I saw that. Not sure if this is from that or not. The guys arrested from that were here in the US but this was all done outside the US. It was done in UK.


----------



## Barren Realms 007 (Nov 11, 2015)

g_axelsson said:


> Ouch! I hope everything turns out well in the end.
> 
> I would use a totally different computer and look over any site I have accessed from the one you use for eBay and change every password. And if you are using the same password on several sites then I would change them all.
> 
> ...



Its possiblethat a keystroke logger has been installed but I doubt it.

This is dealing with 2 different paypal accounts and each paypal account it linked to a different bank. They are not associated in any way. Either by bank, email or login infrmation. My wifes is accessed through her Ipad or Iphone and mine is accessed through my computer only. So a keystroke logger would not catch both account logins. This happened to both accounts at the same time at around 1:00 AM. Items were purchased through wifes account and gift cards purchased through my account.


----------



## Barren Realms 007 (Nov 11, 2015)

Ok paypal has been contacted and all charges for both accounts are in the process of being refunded and they are doing an investigation on their end. Ebay has been contacted and they are doing an investigation on their end and my guess is the buyers accounts will be shut down.

What a waste of my damn time. :evil:


----------



## JHS (Nov 11, 2015)

I just went to log into Ebay and they changed the login form.Not sure if it was done because of this or if it's a hack.
john


----------



## Barren Realms 007 (Nov 11, 2015)

JHS said:


> I just went to log into Ebay and they changed the login form.Not sure if it was done because of this or if it's a hack.
> john



Did they change the login form or ask you to add new security codes. My login form has not changed.


----------



## JHS (Nov 11, 2015)

Just the look of the log in form.


----------



## Palladium (Nov 11, 2015)

I received a couple of paypal spoof invoices in the last couple of days that said they were for items i had purchased and wanted me to log into my account in order to view them. They even had my customers correct contact information on them. I instead went to paypal and logged in and seen that the charges were not really on my account. If you click the link in the invoice it will carry you to a spoof site and steal your info! That information on the invoices could have only come from one site and that would be a paypal account server. I contacted my clients and informed them, but they said their accounts had not be compromised. I knew something weird was going on then. I have paypal set to email me every time a charge is made to my account. I can use my card at the store and before i get the receipt from the cashier my phone goes off with an email alerting me to the purchase.


----------



## JHS (Nov 11, 2015)

One thing I always do is sign out and close my browser and then open my browser again and then go to the next site.This is so no one can hack me and go back to where I last was.Not sure this helps or not.
john


----------



## Barren Realms 007 (Nov 11, 2015)

Palladium said:


> I received a couple of paypal spoof invoices in the last couple of days that said they were for items i had purchased and wanted me to log into my account in order to view them. They even had my customers correct contact information on them. I instead went to paypal and logged in and seen that the charges were not really on my account. If you click the link in the invoice it will carry you to a spoof site and steal your info! That information on the invoices could have only come from one site and that would be a paypal account server. I contacted my clients and informed them, but they said their accounts had not be compromised. I knew something weird was going on then. I have paypal set to email me every time a charge is made to my account. I can use my card at the store and before i get the receipt from the cashier my phone goes off with an email alerting me to the purchase.



Yea I have received spoofs like those as well and just deleate them. And Paypal sends me emails when a purchase is made also that is how I knew about it at 1:00 this morning when the wife woke me up asking if I had made any purchases.


I had something similar happen last year through a provider and I got it fixed, then it hit the national media 2 weeks later that the companies servers had been hacked and compromised. Everyone told me I was wrong then too that it was accessed from my computer. Time will tell maybe


----------



## Geo (Nov 11, 2015)

Check all of your devices for key loggers. It records key strokes and can be accessed by outsiders. This usually means you have a Trojan virus.


----------



## Barren Realms 007 (Nov 11, 2015)

Geo said:


> Check all of your devices for key loggers. It records key strokes and can be accessed by outsiders. This usually means you have a Trojan virus.



Not sure how to check for that. I have looked in my programs and have not seen anything unusual that has been installed.


----------



## resabed01 (Nov 11, 2015)

Any decent up to date virus scanner should pick it up. My advice to you is run a 2nd independent scan because not every scanner is 100%

http://www.eset.com/us/online-scanner/


----------



## Anonymous (Nov 11, 2015)

Download Spybot Search and Destroy - V 2.4 is ok. 

Run a full scan and you'll probably pick up a load of stuff mate. It's a good program. Use the cnet link when you have searched it- they are safe.


----------



## Geo (Nov 11, 2015)

If you are using windows, you can force start the windows malicious software removal tool https://www.microsoft.com/security/pc-security/malware-removal.aspx

https://support.microsoft.com/en-us/kb/890830

Be sure to run this regardless of any other antivirus you have.


----------



## MarcoP (Nov 11, 2015)

Stealing data from different devices in the same location can happen when, the easiest ones:

Wireless enabled and the range reaches the road, someone got access to your network and started sniffing.

DNS spoofing, your ISP DNS server is infected, if it is a Forwarder DNS it may be possible the infected one is the 'forwarded to' server. Tell your network card to use a public DNS server, eg Google: 8.8.8.8, 8.8.4.4. Also, using a static IP will keep you safe from DHCP servers' bugs. By the way, you could make your own authoritative DNS server with a slot one with 256MB RAM, which will only talk to root servers (one way to speed up browsing, less WAN traffic, less load in your router, etc., etc.).

And more...

Marco


----------



## Barren Realms 007 (Nov 11, 2015)

Thank you everyone I appreciate the help.


----------



## Barren Realms 007 (Nov 12, 2015)

All scum sucking, belly crawling, low life no good hackers should be tied up smeared with honey and staked to ant mounds. :evil: :evil: :evil: :evil: :evil: 



Thank you for all your help guy's. I appreciate it greatly.


----------



## kalgari (Oct 15, 2018)

VirusTotal is a good option as well. No needto install in on PC. As a variant you can use Dr Web Cureit, it's 100 % free.


----------

