PayPal problems - mysterious Skype charges

[Rik]

El Reg is reporting a possible scam, "Vulture Central is keeping its eyes peeled for some sort of PayPal glitch or security breach, following reader reports their accounts were debited overnight to pay for Skype services they never ordered.

Both readers are UK residents and longtime PayPal users. Both logged in yesterday to find their accounts had been charged to secure accounts with Skype.

"I doubt it's a phishing attack," reader Neil Lucock writes. "I download all email to a Linux box, don't view mail as html, don't click on links unless I've looked at the code to see where I'm going and turn the machine off unless I'm using it."

And yet there he was staring at five charges for £11.50 that were made the previous night, while his computer was switched off."

[Inactive]

Thanks Rik, ( rushes off to check Paypal A/C. )

[Sebby]

Hmm, I wonder how this one works.

[Rik]

Probably not too differently to all the others. I'm becoming a tad paranoid about online payments.

[Sebby]

Exploiting a PayPal vulnerability?

[Rik]

Exactly.

[Sebby]

 

[Niall]

You can bet any amount of money that Paypal won't admit to being in the wrong if it turns out to be a fault of theirs. They'd rather blame everyone else for misuse and people falling for scams; the main reason I don't use them at all. Ever.

[somanyholes]

has anyone here used the paypal virtual debit card, that is one time use only? It looks pretty good, and would solve a lot of problems from what I can see. If you haven't heard of it more info available here

http://www.paypal.com/cgi-bin/webscr?cmd=xpt/cps/account/VDCFrequentlyAskedQuestions-outside

[Sebby]

I'll have to check that out.

[Rik]

has anyone here used the paypal virtual debit card, that is one time use only? It looks pretty good, and would solve a lot of problems from what I can see. If you haven't heard of it more info available here

http://www.paypal.com/cgi-bin/webscr?cmd=xpt/cps/account/VDCFrequentlyAskedQuestions-outside

Nice find, So. 

The only problem I see is this clause:

"When you install PayPal Virtual Debit Card, you'll be asked to choose your bank account, PayPal Buyer Credit, or PayPal Plus Credit Card as a Backup Funding source. If you do not have any money in your PayPal balance, PayPal Virtual Debit Card will withdraw the funds needed to complete a transaction from your Backup Funding source."

That would leave you liable with your bank for any losses.

[Simon]

Not if you use a credit card, would it?

[Rik]

I presume you would get away with it on a CC, but after recent events, I'm a little cautious.

[Simon]

Perhaps naively, I feel slightly safer making payments though PayPal, where available on websites.  I guess it's because I'm not giving direct access to my card details.

[Rik]

OTOH, if you give PayPal unfettered access to your card... 

[Simon]

I can't see how one could 'fetter' it.  They either have access or not.  Personally, I've never had an issue with PayPal.

[Rik]

That must mean giving them a CCA though, something i never do.

[Simon]

Yes, I suppose it does, but otherwise, you have to use a bank account, and we're back to it being your money, rather than the bank's,

[Rik]

No easy answers anymore, Simon.

[Simon]

Indeed not, but I would find it very hard to do without online shopping now.

[Sebby]

[Rik]

Me neither, but I am increasingly wary.

[Simon]

It's getting past the stages of 'once bitten...', when you've been 'bitten' three or four times.

As an aside, I was musing today, and wondering which is actually safer - the retailers that store your card in a database, so that you don't have to enter it each time, or those that don't.  Are your card details safer in a database, than traversing over t'internet each time?

[Sebby]

Good point.

[talos2]

I think leave it with them, if you have a problem you know where to start looking, but if you send fresh every time you take the same risk of skimming every time, with no trail to follow, and of course the odds get shorter

[Rik]

Also, if they do store the card, their systems will have been approved by their bank.

[Simon]

  You then risk their database being hacked.  It's swings and roundabouts, as far as I can see.

[Rik]

OTOH, if the database is hacked, the liability will not be yours.

[Simon]

True.  I was seeing it more from a preventative perspective than the liability aspect.

[Rik]

The only absolute protection is not to buy online.

[somanyholes]

we seem to get penalised for preventative where as the retailers dont.

[somanyholes]

The only absolute protection is not to buy online.

or to use your card in a store, or to take cash out of the hole in the wall. lol

[Rik]

It could be skimmed in a store, So. You could get mugged at the cash machine. 

[somanyholes]

thats what i meant mate 

[Rik]

Sorry, irony mode running slow this morning.

[Simon]

How about we never go out, and never buy anything? 

[Rik]

Get onto a fixed fuel tariff first!

[Lance]

  You then risk their database being hacked.  It's swings and roundabouts, as far as I can see.

A lot of retailers will store the details of cards used anyway - just look at the TX Maxx episode! Whether or not you can recall these details next time you shop on the website is a different matter.

[Sebby]

Maybe it would be better if money didn't exist.

[Rik]

True - let's go back to barter.

[Sebby]

[Simon]

Who will give me a carrot for this spare Windows Vista license? 

[Sebby]

Sorry, I'm not prepared to give up a whole carrot for it. How about half?

[Simon]

 

[Rik]

I'll swap two sprouts for the carrot. 

[Sebby]

[Simon]

Ah, now, for two whole sprouts, I'd be willing to barter a full year's subscription for Norton Internet Security! 

[Rik]

For two sprouts you might have a deal.

[Sebby]

Ah, now, for two whole sprouts, I'd be willing to barter a full year's subscription for Norton Internet Security! 

I'll tell you what, you give me two sprouts and Norton Internet Security, and I'll consider it.

[Rik]

Norton's more two sprouts and a carrot.