I usually check my emails right after I wake up and received a PayPal email receipt this morning that told me that the amount of $480 was transferred from my account. I first thought that this was a phishing email and checked the links and headers but it turned out to be legit. I was slightly nervous at that time and decided to log into PayPal to see if the transaction would be found there as well.
Imagine my surprise when I discovered that a payment for all the money in the PayPal account has been made at 23:35:35 PDT to Santrex Internet Services. I was not awake at that time which could only mean that someone else managed to make the transaction. The question is how.
I contacted PayPal and filed for unauthorized payment and did contact the "seller" as well who replied telling me that someone did buy Virtual Servers for the money. I'm pretty sure that I will get the money back, the question however is how someone was able to make that transaction in first place.
The possibility is there that someone was able to get my password for PayPal somehow and made the transaction that way. I'm not sure if there is a possibility to make a transaction from PayPal without logging into the account. It does not look this way.
I checked my system with latest anti-virus software and found nothing. I also checked the PayPal account settings and changed the passwords there. I will change all passwords for all sites just to make sure that someone did not get them all.
The strange thing is that the payment was only made for the amount that I had in my account. Anyone ever heard of something like that? The real question is how the attacker was able to get access to the account as it is unlikely that transactions could have been made without my PayPal login data.
Update: I got my money back but was not able to figure out how the transaction was done in first place. I have since then ordered a security key and have used it since then as a second line of defense.
Now You: Had troubles with PayPal in the past? Share your story below.
Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.
We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.
If you like our content, and would like to help, please consider making a contribution:
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.