Wednesday, February 02, 2005

PayPal Phishing Attack

PayPal Phishing Attack was reported in this linked EWeek article and apparently involved users Paypal linked email addresses, making them available on the web. The culprit was a third party partner of Paypal that handles unsubscribe requests for them.

Paypal claims that they are contacting all of their affected users and that it was a small number, although a small number to Paypal may be huge by the standards of smaller companies.

I recieve a dozen Paypal spoof emails Phishing for my username and password. I fell for it once, way back when it was less common a couple of years back. I now routinely send those phishing email attacks with full headers exposed to the recommended email address.

Always get a form letter email in return thanking me for helping them reign in this criminal activity. I have started to just delete them lately as there are so many, I don't have time to send them all in. It's easier to see which ones are risks now because I've adopted a single specific email address that is only used for email payments.

I get tons of phishing emails for Washington Mutual Online Banking as well. Those are easier to delete without looking at them as I don't bank with WaMu any more, so know that they have no reason to contact me. Sure gets tiresome to deal with crooks so routinely though.

I recently had trouble with Paypal on another front when a client filed a fraud report because they saw a charge from eBay on their credit card statement after paying my fees through PayPal with their credit card - an option offered through my online billing provider.

The client wasn't aware that PayPal was owned by eBay and made that fraud claim because they hadn't purchased anything at eBay. Seems quite understandable and reasonable and makes me wonder why PayPal doesn't make changes to reflect the destination of the payment, not eBay OR PayPal in the records reflected on credit card statements.

The resulting deficit in that account cost me dearly in multiple blocked transactions related to the fraud complaint and tied up my funds for nearly two weeks. Multiple phone calls, emails, online forms and client contacts took nearly 4 hours of my time as well. PayPal needs to tighten up!

Save To    Digg! Digg This!
posted by RealitySEO at 4:46 PM


Post a Comment

<< Home