Someone just tried to spend £1000 from my bank at OcUK.

FloppyPoppy

FloppyPoppy

FloppyPoppy

Soldato
OP
Joined
27 Jan 2012
Posts
7,971
Location
The king of the north!
KIA said:
Use a password manager.



Huh?
Click to expand...
413x said:
Huh x2
Click to expand...
Stretlow said:
Utter nonsense
Click to expand...

It stems from the pre authorised payments. In short:

I had my origin set up with pre authorised payments.
Someone made an account on origin with my details ???? Don't know how I'm sure my info was leaked from somewhere.
They then somehow had my PayPal pre authorised payments linked to that account.

The reason I know they don't need the password is as follows. Whilst the money was being spent and my phone was alerting me to this. I changed my PayPal and associated emails passwords. Yet for 10 more minutes afterwards they continued to spend the money. I only stopped it by removing my bank details from pp.

Phoned Halifax about this to tell them to not let the money go out and was send to the same fraud department. Needless to say the nice woman on the phone informed me that they had seen a spike in PayPal related complaints.


Take it for what you want. But i won't use it anymore.
 

darael

darael

darael

Soldato
Joined
10 Jul 2010
Posts
6,312
Although I don't store card details with Overclockers, is there still a risk that details from any cards I have used in the past could be at risk? Either way, I'm changing all my Overclocker's passwords - main site, forums and trust.

I use LastPass to generate a password for me, usually to the maximum length I can get away with. I then use Firefox to store my passwords.
 

Stretlow

Stretlow

Stretlow

Associate
Joined
5 Aug 2013
Posts
457
harry5522 said:
It stems from the pre authorised payments. In short:

I had my origin set up with pre authorised payments.
Someone made an account on origin with my details ???? Don't know how I'm sure my info was leaked from somewhere.
They then somehow had my PayPal pre authorised payments linked to that account.

The reason I know they don't need the password is as follows. Whilst the money was being spent and my phone was alerting me to this. I changed my PayPal and associated emails passwords. Yet for 10 more minutes afterwards they continued to spend the money. I only stopped it by removing my bank details from pp.

Phoned Halifax about this to tell them to not let the money go out and was send to the same fraud department. Needless to say the nice woman on the phone informed me that they had seen a spike in PayPal related complaints.


Take it for what you want. But i won't use it anymore.
Click to expand...

You can use hte PayPal instant service that requires authorisation the first time via your password so its not a loophole, your pay pal account must have been compromised at some point, which does happen as they don't use two factor.

Whatever the current flavour of the month target is for fraudsters happens to all banks they don' t discriminate and I can assure you that there's nothing happening with any "loophole" and Paypal, theres some confusion here. Obviously its your choice how you pay but paypal is one of the most secure, So much so I prefer it over my debit / credit card.
 

Stretlow

Stretlow

Stretlow

Associate
Joined
5 Aug 2013
Posts
457
darael said:
Although I don't store card details with Overclockers, is there still a risk that details from any cards I have used in the past could be at risk? Either way, I'm changing all my Overclocker's passwords - main site, forums and trust.

I use LastPass to generate a password for me, usually to the maximum length I can get away with. I then use Firefox to store my passwords.
Click to expand...

No as you cant retrieve the card information, i haven't checked but more than likely you'll be required to also input expiry dates and/or CVV codes during purchase.

You're also covered for any unauthorised transactions providing you haven't been negligent with your info... so your're good mate
 

darael

darael

darael

Soldato
Joined
10 Jul 2010
Posts
6,312
Stretlow said:
No as you cant retrieve the card information, i haven't checked but more than likely you'll be required to also input expiry dates and/or CVV codes during purchase.

You're also covered for any unauthorised transactions providing you haven't been negligent with your info... so your're good mate
Click to expand...
That's good. All my passwords with Overclockers are now 256 characters in length!
 

KIA

KIA

KIA

Man of Honour
Joined
14 Nov 2004
Posts
13,785
harry5522 said:
Take it for what you want. But i won't use it anymore.
Click to expand...

None of this was PayPal's fault. You can avoid the fallout from future attacks and leaks by using a password manager (LastPass, 1Password, etc) to generate complex passwords.
 
You must log in or register to reply here.
Back
Top Bottom