I don't bother looking for hijacked accounts much these days unless someone sends me tips, but they are still ongoing same as they always were.

Perhaps not so much now that there are easier ways for the money scammers to achieve their goals.... such as purchasing fake ebay and paypal accounts, or taking advantage of Paypal's flawed password recovery procedure to take over accounts.. Oh! And now just keeping an eye on AntiSec leaks...

But I digress.... Notice the pink highlighted portion? At $39.95, that keyfob is NOT a bargain! Believe me. It's hacked and cracked. It has been. Chances are that whatever 'credit card' sized replacement they've made for it is vulnerable too. rotflololol

What kind of scam is this?

Uploaded with ImageShack.us

I made a video quite some time ago pointing out a few things regarding the keyfob.

At this time I'll let on to the rest of the story...

Happy reading.

"If seven maids with seven mops swept IT for a half a year,
 Do you suppose", the walrus said, "that they could get IT clear?"
"I doubt it", said the carpenter, and shed a bitter tear.

Hacker uses PayPal to access bank account

Story Created: Jul 29, 2011 at 8:14 PM

(full video report at link)

NAPLES, Fla. - A woman has her PayPal account hacked by a thief that takes hundreds from her bank account.

The woman said the suspect transferred $730 from her band account into a Bank of America account by using PayPal accounts and depositing the funds.

The Victim says the transfers happened this week when the suspet transferred $300, $300, and $130.

PayPal flagged the account when they discovered an attempt to transfer $10,000 from the victim's account.

Local tech experts say sites that save your bank account information make consumers a higher risk of similar crimes.

"unless you check your accounts daily and multiple times during the day to check the transactions - somebody can sneak in and try and steal your money," said Neil Wexell, a computer technician at The Byte Shop in Naples.

( ^ emphasis added)

iTunes Hacked, Linked PayPal Accounts Drained In Ongoing Problem

I've been rather surprised to learn that fraudulent purchases on iTunes accounts have been an ongoing problem for over a year and that some linked PayPal accounts have been drained in the process. This is bad news for Apple, who don't seem to be responding effectively, and even worse news for iTunes users from music sellers to fans.

Scott Hanselman's recent ComputerZen post on iTunes account hacking was the first I'd heard of a problem that began showing up on Apple Support Communities in late 2010 and continues to this day. The Next Web has related accounts involving rogue apps that were revealed as far back as July 2010.

From a TechCrunch post on August 23, 2010:

read the rest...

Smart people will avoid paypal and iTunes like the plague...

I stumbled over this pretty big hijacking/ account takeover earlier. Same basic M/O as usual, the difference this time being the stature of the sellers hijacked.

Another thing, ebaY has been imposing limits on numbers items listed in certain categories etc like never before. For the hackers to be able to insert this amount and type of items again points to either them having a trick to get around the alleged fraud filters and/or other, newer seller limitation rulesets, or to have insider assistance.

That aside from how the account logins were acquired in the first place. Are we really to believe these very experienced sellers all fell for phishing ploys?

First the sample fake listing...

Uploaded with ImageShack.us

Now the victim/sellers: globalgolf

Uploaded with ImageShack.us

Uploaded with ImageShack.us

Last but not least, bobs618, who seems to have some active fake listings as of right now

Uploaded with ImageShack.us

As an aside, if you look at the golf club seller's feedback, you have to wonder why they are even still there, considering that small sellers with scant fractions of the percentage negs have been exterminated?

But the real comedy comes when you read about the incident on the ebay forums.

Note: If this image vanishes you can always see it documemtned in the accompanying video

Uploaded with ImageShack.us

Then you realize that at least one seller had to end the fake auctions themselves, because sleazebay was asleep at the wheel. Again.

Uploaded with ImageShack.us

Just another stellar example of why you need to avoid ebay like the plague.

More video documentation of the sudden wave of account take-overs on slaezebay from Doc of ebaymotorssucks.com

eBay Top Rated Seller MonkeyGamez Account Hijacking 390347840587

Another Hacked eBay Sellers Account - ACOPELAND1

and a humble contribution from yours truly

ebay Hacked! Top Rated Sellers Under Attack

Latest victim/seller: clccarolynl2010

(Who is NOT a top rated seller, feedback score was 71)

I'm not sure if they were removed by ebaY, the seller,  or simply ran their course.

The bogus iPhone ads were identical to those exposed in a very recent video which  I posted to youtube:

ebaY TRS hacked fake iphone joohnkoo

Uploaded with ImageShack.us

So much for ebaY's alleged fraud filters, various seller limitations and whatever detection methods they have to ban certain links and images within listings, as they recently enacted...

That is another indication that the site is HACKED, not just 'simple phishing'.

Stay tuned for more stuff.

It would appear that either hackers have yet another way into Paypal, via  GMarket somehow, or they have some more insider fraud on their hands. There are not any other plausible explanations for this.

(Gmarket is a part of ebaY.)

What would you do?

Oct 6, 2011 02:48 PM

Reply

On Oct. 1st, I received notice via email that PayPal had made payment from my checking account in the amount of $681.24 to an Ebay owned company called Gmarket. This was not of my doing and I immediately (within an hour) disputed the charge through the resolution center at PayPal. On October 3rd the amount was deducted from my checking account. Had I known that PayPal would not stop the transaction I would have called my bank the Monday morning of the 3rd and notified them of the fraudulent request. But regretfully I didn't. I'm not sure it would have made a difference as I have since contacted them and they informed me that it would take 10 days to investigate before they could take any action.

In the meantime, I am awaiting the 7 day "use my money for free" period that Gmarket has to respond to my dispute. They have my $681 and I have been trying to juggle funds here to avoid any overdraft charges. It seems to me that this is a case of a scammer making all the rules and calling all the shots while using my money - at my expense. Is my only recourse to just wait the 7 days and hope that PayPal comes through?

I have called PayPal and they say to contact my financial institution. I called my financial institution and they say it's a 10 day wait. I have emailed Gmarket and got no response. I have contacted Wells Fargo Bank, who initiated the ACH for Gmarket and they say they have no control over Gmarket or my money. Gmarket has no phone number and they are located in Korea. I would think this whole thing is really fishy since Ebay owns Gmarket and PayPal. I am not a registered member of Gmarket and never knew they existed until they took my money.

I know there are a lot of experienced buyers and sellers here who have been there and done that....What would you do? Is this a more serious offense because they are all bedfellows who are manipulating me and my money? I mean illegal in a different way than being an ordinary hacker/scammer just trying to steal my money. Any suggestions appreciated.

...(now skipping to post 156...)

Oct 16, 2011 11:08 AM

Reply

I just received an email this morning saying I sent a successful payment of $834.77 USD to pay@gmarket.co.kr. I logged in my paypal account and sure enough the transaction was there.

I quickly disputed the transfer and called my bank (Wells Fargo). Since the transfer was not pending or there yet, they told me they could not do anything. So, I quickly transferred all my money in that account to another account and I will dispute it when I get a NSF charge. I am also putting a hold on that account tomorrow.

Ebay needs to fix this. If I didn't check my email today (Sunday), I would of been out $834.77 and that would of really hurt!!!

(screencapture of page 7, including the Original Post)

Uploaded with ImageShack.us

If you read the entire thread, you'll see the very same old tired, overexposed shills, reading from the very same script. It's classic ebay forums flim-flam through and through. It's easy to pick out the 'funny' parts and players

It will be interesting to see how many more similar reports pop up.

How long, and with how many victims have the iTunes/Paypal hackings & account drainings been ongoing now without resolutuion?

Close your PayPal accounts now, before this happens to you.

I see the hacking and account takeovers at ebay are still going strong. Business as usual. LoL. Here is a member who had no less than 762 fake iPhone listings inserted into theirs.

Uploaded with ImageShack.us

I didn't get a chance to view the listings before ebaY began to remove them, so I'm not sure whether they just contained instructions to contact outside of ebay or something else, but there was this little thing on trendmicro about redirects within fake iPhone listings.

Now here is a particularly troubling look at a hacking-related LieWorld Moderation Fail

("LieWorld" is ebay's sleazy forum moderation service, and self-admitted professional undercover liars in case you were unaware)

But to the point, they left up the live phishing link on their forums for anywhere +/- 36 hrs, even actually had their forum "helpers" bumping the post! Failed to report the site apparently too.

They then redirected the post, once pulled, to an ebay login page, as opposed to the normal 'error' page! Very strange... isn't it?

Complete visual documentation at links. Don't miss it!

Just a little reminder tha these account hijackings are still ongoing... using the same method of having an image with instructions to contact the scammer via email. In this example the seller (victim) has 3 expensive (imaginary) dive masks, one of the scammer's favorite baits. There are many many more examples there right now with very expensive items across the range of categories.

Uploaded with ImageShack.us

Of course this has been going on for years and there's nothing ebay can or will do to stop or prevent this. Ebay then sends a bogus invoice to the hijack victim and strongarms them into paying, or they attach or link that now delinquent victimized account to another (often random) member's account and force/coerce them to pay the bogus balance in order to continue operating on ebay/with paypal. All this while ebay knows full well the original victim's account was hacked/hijacked.

It sure looks like there are issues with paypal clients' personal info, doesn't it? Hackers and phishers don't just pull those names out of a hat.

@PayPal Would you tell me where 2 forward phishing e-mail, pls? Want 2 show it uses name, which advice says doesn't happen - thanks : - )

Uploaded with ImageShack.us

Just a ittle reminder the site is still filled wih completely fake listings. Here's a seller hijacked whom I found with one quick search:

Items for sale from algrihobby ( 344)

Uploaded with ImageShack.us

Here is the sample hijacked listing:

1927 Gibson Style H1 Mandolin

Uploaded with ImageShack.us

here is the url of the image contained in the hijacked listings:

http://infopicseb.com/b.jpg

I find this hilarious of course for more than one reason. First, ebay bots are now interfering with normal communications between buyers & sellers by false flagging of email messages purported to contain offers to conduct biz off ebay etc. Bu they're not able to find these? bwhahahaha!

Second, apparently this hijacker isn't aware they could just go buy a fake ebay and paypal account or complete Fake ID packages at any number of places and scam like there's no tomorrow.

Longevity, feedback score etc etc all mean nothing on sleazebay now, with the proliferation of the fake accounts.

Victims wil never even know when they've landed on one of those listings until after they've ben scammed. It may well be a sad Holiday for lots of folks shopping sleazebay this year.

I put this on my Cappnonymous blog due to the stature if the seller hijacked. There was at least 2 other victims that night, one of them, ebay member ks3311 finally got their items/seller list cleaned up sometime today. I wonder how many buyer victims there were?

ebaY Shooting Star munchkinscakes08 Hijacked

Things are starting to heat up a little on sleazebay with the account takeovers. No Batboy sightings yet but something about the nature of the scam listings sure has a familiar ring to them. Ongoing event, as the victims'a accounts are still loaded with fake listings. Ebay is aware of the hijackings but they've deleted multiple forum posts warning people instead of taking down the fraud listings.

ebaY Sellers get Crucified on Easter Weekend