
My Paypal was hacked...how?

RaqieRaqie Registered User regular
edited June 2009 in Help / Advice Forum
Someone got into my Paypal account a couple days ago and treated themselves to a couple of payments that added up to $700.

This was charged onto my credit card and luckily my credit card company won't make me liable for the charges.

I changed my password on the account and deleted the credit card. Paypal won't let me delete my bank account yet because my account is locked down since they believe a "third-party" might have accessed my account.

There are only 2 ways I could see this happening:
1) Paypal security sucks and someone tried various combinations until they had a hit. My password wasn't anything obvious but it was all letters. I thought paypal denied access after a certain number of attempts though...
2) I have used this password for other sites. Pretty much any site related to money I have a more secure password for but somehow Paypal still had my original password. I don't sign up for anything sketchy really but is it possible someone took my e-mail/password combination and tried it on paypal? What is the likelihood of that? Don't most sites have the passwords encrypted so not even the site owner has access to them?

From now on I plan to be more careful and not use the same password for multiple things but I'm just curious to know how this happened.

Anyone have any ideas?

Raqie on

Posts

  • xeviqxeviq Registered User regular
    edited June 2009
    Are you sure you weren't Phished?

    xeviq on
  • PeregrineFalconPeregrineFalcon Registered User regular
    edited June 2009
    3) You got spywarez'd and someone keylogged it.

    4) All letters? Seriously? Throw some numbers and a punctuation mark in there.

    PeregrineFalcon on
  • RaqieRaqie Registered User regular
    edited June 2009
    I've never given out my password to anyone posing as Paypal or anything like that.

    Raqie on
  • PeregrineFalconPeregrineFalcon Registered User regular
    edited June 2009
    Raqie wrote: »
    I've never given out my password to anyone posing as Paypal or anything like that.

    Have you ever entered a wrong password?
    Have you ever had the PayPal login screen time out?

    If so, either of those could be a scam site using a coverup to the fact they just poached your password.

    PeregrineFalcon on
  • RaqieRaqie Registered User regular
    edited June 2009
    As for spyware: I've only ever logged onto paypal on my home computer which is secure and checked regularly for that sort of thing.

    Raqie on
  • RaqieRaqie Registered User regular
    edited June 2009
    Raqie wrote: »
    I've never given out my password to anyone posing as Paypal or anything like that.

    Have you ever entered a wrong password?
    Have you ever had the PayPal login screen time out?

    If so, either of those could be a scam site using a coverup to the fact they just poached your password.


    No and no. Actually I hadn't logged into paypal in months until this happened. When I log in I only do so directly from paypal.com.

    Raqie on
  • Dinosaur Equals GasDinosaur Equals Gas Registered User regular
    edited June 2009
    Sounds like one of the sites you use that same password on was compromised. They might have said "Hey, I wonder if his PayPal password is the same for this site." Which it was. It's good to see that you use a more secure password for almost all of your sites based on money, but it's usually a good idea to throw a bit of variation into it.

    Some people will use the name of the site in their password, such as for Chase it would be "20rh23Chase". But that isn't really a good idea, since if I was able to get your password for Digg and it was "20rh23Digg", I would assume you use the site name and would be able to guess it for Chase. However, if you were to associate the site Chase with something like the reason you opened the account, maybe the first job you had that required you to deposit money was Target, you could do "20rh23Target". That would throw people off. And on Digg, let's say you associate it with Kevin Rose, you could do "20rh23KRose".

    Sure some people could guess what you associate it with but it would be a lot harder to guess for each site.

    Dinosaur Equals Gas on
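Added example, not part of any post in this thread: a small Python audit you can run over your own password list to see what a single leaked password tells whoever holds it about the others. It flags exact reuse, a shared leading stem, and the site name embedded in the password. The function names, the 5-character stem threshold and the "forum"/"paypal" sample values are assumptions constructed for illustration; the "20rh23..." strings are the ones quoted in the last post.

```python
from itertools import combinations

def shared_stem(a, b):
    """Length of the common leading run of two passwords."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n

def audit(passwords, min_stem=5):
    """passwords: {site: password}. Returns a list of (kind, sites, detail) tuples."""
    findings = []
    # Pairwise checks: what does knowing one password reveal about another?
    for (sa, pa), (sb, pb) in combinations(sorted(passwords.items()), 2):
        if pa == pb:
            findings.append(("reused", (sa, sb), ""))
        else:
            n = shared_stem(pa, pb)
            if n >= min_stem:  # min_stem is an assumed threshold
                findings.append(("shared-stem", (sa, sb), pa[:n]))
    # Per-site check: the site name itself appears in the password.
    for site, pw in sorted(passwords.items()):
        if site and site.lower() in pw.lower():
            findings.append(("site-name", (site,), site))
    return findings

# Constructed sample: the site-name scheme from the post, plus one reused
# all-letters password like the situation described in the opening post.
SAMPLE_SITE_NAME = {
    "chase": "20rh23Chase",
    "digg": "20rh23Digg",
    "forum": "sunflower",
    "paypal": "sunflower",
}
# Constructed sample: the "association" scheme from the same post.
SAMPLE_ASSOCIATION = {"chase": "20rh23Target", "digg": "20rh23KRose"}

if __name__ == "__main__":
    for label, sample in (("site-name scheme", SAMPLE_SITE_NAME),
                          ("association scheme", SAMPLE_ASSOCIATION)):
        print(label)
        for kind, sites, detail in audit(sample):
            print(f"  {kind:11} {', '.join(sites):14} {detail}")
```

On the association sample the site-name finding disappears but the shared stem "20rh23" is still reported, so only the suffix differs between accounts.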