Hacker claims PayPal loophole generates FREE MONEY A PayPal loophole can be exploited to earn free cash according to a convicted former NASA hacker turned white hat. Fraudsters can double their money, says Razvan Cernaianu, by funnelling cash into a mule account before filing for a transaction refund. To pull off the rort* a fraudster needs three PayPal accounts. One is a …
You could pull off essentially the same stunt with a limited company in place of the seller account and using credit cards for the "purchase", or in fact any arrangement that doesn't have some form of withholding to back a payment protection scheme. This isn't a bug, it's a risk of doing business for payment platforms.
Similar thing happened to a small biz I used to work for. They were two businesses operating out of the same building. They bought everything through company, claimed the VAT back and then sold services through the other one but never paid VAT to HMRC. They got away with it for over a year before we turned up for work one day to find the blinds still drawn and the doors locked. Bastards.
Recently had a case. Bought something for £100 ish but it was not as described. I raised a claim to return it and it was accepted by the seller.
E-bay e-mailed me to say they would be sending a postage paid label to send it back. This never arrived so I sent it back recorded and marked that it had been dispatched with the tracking number.
The seller was not in so the goods were kept at the post office with a delivery card. However the seleer didn't collect for over 10 days and e-bay just closed the case down as the case hadn't been update or further claim made in the required time period, no warning nothing. So now the seller has the goods back and my money and won't respond to me. E-bay will not help AT ALL!
They kept saying about their buyer protection which I kept saying "doesn't work" as it is just a facade that is simple for a seller to overcome.
All a seller has to do is waste a bit of time - even communicate with you to say they haven't received the return yet, they haven't had chance to pick it up, the refund is on the way, "oh no sorry I used the wrong details I'll just correct them". A few days for each and the time limit passes, they have the goods back and the money and they've never needed to use a corrct address and their e-mail address is suddenly not valid.
I explained this scenario to E-bay and they readily just said "yes, you can do that", I was surprised but they wouldn't help any more in my case and just said to go to the police.
All a seller has to do is waste a bit of time
These are common scams that unscrupulous buyers exploit, as well as sellers, to game eBay's protection policy. My rule of thumb is to cancel any transaction I'm involved in if a buyer delays payment or a seller delays shipment for anything more than a couple of days.
As an ebay seller, I can assure you there are FAR more ways for a buyer to fuck over a seller than the other way around, exploiting both ebay and Paypal to rip you off. There are plenty of honest buyers and sellers, but a smaller (yet fairly significant) number who spoil it for everyone else. And ebay and Paypal just don't want to know, in spite of all their bullshit "protection policies." Like another poster said, buying and selling on ebay is a gamble. That's why every transaction I do on there now (buying and selling) never exceeds £50. I even factor a percentage of loss-making transactions into my figures to account for money lost to scam buyers.
I'd advise you to make larger purchases on Amazon as it's safer, and if you're paying for something worth £100 or more, use a credit card to pay for it. That way, if something goes wrong and you lose the goods and the money, the credit card company has a legal obligation to reimburse you.
My experience is the opposite.
Not counting "buy it now" from sellers that are basically small shops with a presence on Ebay, in the last few yeasr I've bought at least 30 items ranging in price from a few dollars to several hundred dollars. Never had a problem. Had to file a case a few times, but every time it ended up being resolved to my satisfaction, except for when the seller mislabeled an item, and I was stuck paying the return shipping cost of $10 or so.
A couple weeks ago I ordered some rechargeable batteries from a storefront seller, was sent the wrong type, and the seller sent me 3x many for my trouble and I didn't have to return the wrong ones!
Maybe I've just been lucky.
At AC, I had a very similar thing happen with ebay, the trick is here the seller delays the refund (despite having the good back) for over 30 days and the case closes automaticall with them having the good and the dosh. Simple answer phone ebay, i got a full refund. In the long term the simple answer is just esculate all claims regardless of the seller responding.
Original AC here, I did phone but they refused to help and later I got an e-mail from customer services supervisor who also said there was nothing they could do (specifically as it had just passed the 30 days limit no other reason).
It is ridiculous, all they need to do i ssee that the goods have been dispatched back to the seller and check (automatically) the tracking number. If it shows goods have been returned then the case shouldn't be closed.
Oh how I love PayPals payment protection.
I only used it once, years ago so it might have changed, but I bought an item that never arrived, turns out it was part of a big scam. No probs, thought I, contacted PayPay who said 'Yep, well known fraudulent seller, here is 80% of your money back'.
Then got in touch with my credit card provider, explained how I had been defrauded and wanted to check there would be no come backs, 'no problems said my cc provider, do you want to initiate a charge back on PayPal as we will recover 100% of your money back'.
Well, you can guess what I did. You should have seen the snotty email I got from PayPal :)
You might get one refund if Paypal didn't figure out the shell game but I guarantee you wouldn't get two refunds processed as Paypal manually monitors all refunds and can determine if accts. are fraudulent before the funds are refunded. First you'de need to be able to get approval on virtual credit cards which isn't likely to happen either. So the hacker was not as smart as he thought and the chance of making this shell game work are about zero.
On the other hand, you could use this method to get someone else's paypal account shut down for fraud. Just make your victim's account the third one (as described in TFA), and they will end up with money in their account, while the attacker claims it back, making their account look like it's a mule, and the attacker not out of pocket.
Try convincing PayPal that you're legit when money is turning up in your account from this scam.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
