someone managed to get my paypal password

foxybabe

Someone has suggested I come onto the techie board for advice. Someone has managed to get my paypal password and has accessed the account and tried to withdraw money. I have sorted this out with paypal and they are going to put the money back into the account. They had already put limited access to the account as they were suspicious of the e-mails used.

I am concerned how they managed to do this as I am always very careful. I never respond to phishing e-mails or click on links sent via e-mail. Could anyone give me any advice.

Many thanks.

aliEnRIK

First up id suggest posting a hijack log
Download HIJACK THIS (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_hijackthis/
Click DO A SCAN AND SAVE A LOGFILE (Takes seconds) then post the log so we can see whats running
(do NOT do anything else with Hijack but scan and post the FULL log)

This will show us your security etc

Its possible your infected with a keylogger but highly unlikely

Its possible the hacker simply hacked his way in (Especially if its an easy password to crack)

kwikbreaks

Certainly check for a keylogger but IMO the most likely way they got your password is that you typed it in somewhere that wasn't a PayPal page. You need to think back over where you used PayPal recently.

I trust you do use a different password for PayPal than anything else - for example forums, websites, etc. where you could have registered with your paypal email and the same password

zee_2

a lot of fake emails ,had one fom paypal and sent to their security ,NEVER NEVER contact ANY financial site , direct from ANY email ...ir contains bugs ,allways type in site on pc ...also paypal have safety filty free on their site to help ,it is called ICONEX and checks email.

espresso

foxybabe wrote: »

I am concerned how they managed to do this as I am always very careful.

Was the password a dictionary word or a random string e.g. 8146FACEE1A

foxybabe

kwikbreaks wrote: »

Certainly check for a keylogger but IMO the most likely way they got your password is that you typed it in somewhere that wasn't a PayPal page. You need to think back over where you used PayPal recently.

I don't use paypal very often so i can't think of anywhere I could have used it. I have changed the password now anyway.

What is a keylogger? I have never heard of it.

aliEnRIK

foxybabe wrote: »

I don't use paypal very often so i can't think of anywhere I could have used it. I have changed the password now anyway.

What is a keylogger? I have never heard of it.

As you type the word or characters are recorded

foxybabe

espresso wrote: »

Was the password a dictionary word or a random string e.g. 8146FACEE1A

Its not a string of letters. Is that the best option? I always thought password were encrypted(?!) whatever you used.

Leopard

Also, use different passwords for PayPal and eBay and don't use an eBay name and email address that could give clues to your PayPal login.

I'm glad for you that PayPal sorted it and didn't get sticky with you.

espresso

foxybabe wrote: »

Its not a string of letters. Is that the best option? I always thought password were encrypted(?!) whatever you used.

The longer and more random the better. Simply save your random passwords e.g. here in an encrypted file and copy & paste when needed.

foxybabe

Just done a scan and it says nothing found.