Paypal account hacked

ianbeany

ianbeany

ianbeany

Associate
Joined
9 Oct 2014
Posts
137
Location
South Tyneside
Hello chaps,

Would really appreciate some advice here.

Two weeks ago I was looking for some mods for Watchdogs and I stupidly ended up downloading some trojans/viruses. Windows immediately flagged them so I selected 'remove' then ran Malwarebytes and Spybot which came back clear. I thought that was it sorted and forgot all about it.

Yesterday I tried to log into my Paypal account and the password had been changed so I reset it and logged in. Once in I saw someone had added a new phone number, a new address, activated Paypal Credit and made two purchases for £400 each.

After that I noticed my Email account password had been changed too.

I then formated my SSD and reinstalled Windows and created a brand new Email account. Then phoned up Paypal. They cancelled the two transactions, removed the phone number, changed my password, changed my Paypal email to the brand new one and I then activated '2 step activation'. Problem solved I thought.

Today I got an email saying my Paypal password has been changed again. I reset it and logged in and there has been no activity on my account and nothing has changed.


I just can't figure out how the hacker has been able to access my account again after the steps I took??


As you've probably noticed I'm not as clued up on internet security as I should be so would really appreciate it if anyone can shed any light on the situation or offer any kind of advice or thoughts.


Thanks
 
Sounds impossible unless they know who you and are or are in the same home as you even then how would they know your password and have access to your 2 Step Verification.

As for the last part above do not "Send a Pin to email" etc, I would use a one time Code from a mobile phone.

Advise you start over and use Lastpass and LastPass Authenticator (or even Googles) on your phone
 
Last edited:
The email you got was probably a delayed email from when it was changed, it is fairly common that these sorts of confirmation emails are delayed several hours or even 24 hours later.
 
ianbeany said:
Hello chaps,

Would really appreciate some advice here.

Two weeks ago I was looking for some mods for Watchdogs and I stupidly ended up downloading some trojans/viruses. Windows immediately flagged them so I selected 'remove' then ran Malwarebytes and Spybot which came back clear. I thought that was it sorted and forgot all about it.

Yesterday I tried to log into my Paypal account and the password had been changed so I reset it and logged in. Once in I saw someone had added a new phone number, a new address, activated Paypal Credit and made two purchases for £400 each.

After that I noticed my Email account password had been changed too.

I then formated my SSD and reinstalled Windows and created a brand new Email account. Then phoned up Paypal. They cancelled the two transactions, removed the phone number, changed my password, changed my Paypal email to the brand new one and I then activated '2 step activation'. Problem solved I thought.

Today I got an email saying my Paypal password has been changed again. I reset it and logged in and there has been no activity on my account and nothing has changed.


I just can't figure out how the hacker has been able to access my account again after the steps I took??


As you've probably noticed I'm not as clued up on internet security as I should be so would really appreciate it if anyone can shed any light on the situation or offer any kind of advice or thoughts.


Thanks
Click to expand...


I've had loads of emails saying my paypal account is on hold and things like that.
I just click on More at the top of the email to see who it's really from.
 
When I get these types of emails, I never click the links in the email and just to Paypal (or whatever the site is) and login normally.

I wonder if perhaps the Trojan has accessed your browser's details? For example if they obtained your Chrome credentials, the updated saved passwords would be handed to them on a plate. One of a few reasons I don't use Firefox sync and use a master password - that way my data is only ever on my computer, even if it can be slightly inconvenient sometimes.
 
Thanks for the replies fellas. Really really appreciated.

I've just discovered something extremely worrying.

I noticed the hacker has been on Live Chat pretending to be me:

"i am unable to use paypal and i have changed my password and also uploaded my id has requested
how long before i can use my account again"


"Thank you and I was able to check your proof of Id and it was accepted.
With this, I am happy to inform you that I have successfully lifted your account from restriction."



I stupidly had my matchedbetting documents on my computer hidden away in some random folder :(

I'm ******** myself now. Is a hacker having all my verification docs as bad as I suspect it is?

Any further advice or thoughts on the situation will be much appreciated
 
Thanks mate. Yeah I done all that and everything seems to have been ok for the last 36 hours.

But what's terrifying me now is the thought of someone having all my ID documents and what they could do with them.

Basically the hacker seems to have had full control over my computer and has stolen photos of my Drivers Licence, Debit Cards, and bank statement


The situation really needs dealing with but I'm just not sure what I should do.

Someone told me I should register with something called CIFAS but it seems you have to pay for the service. I wouldn't mind paying of course if I knew for sure it was the right thing to do
 
You must log in or register to reply here.
Back
Top Bottom