We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
PayPal scam
Wisedolly
Posts: 2 Newbie
To warn those with a PayPal account about a scam even if you have double authentication like I had.
I purchased an item on 30 December 2024 on ebay and as usually was prompted to put in the unique 4 digit code for that purchase which I did and it went through. For some reason PayPal transactions go into your delete folder. When I went to my delete folder to do a delete I noticed a transaction to the British Heart Foundation!! Via PayPal with a receipt. I never clicked any boxes and always check thoroughly all my transaction before paying. This British Heart Foundation was via PayPal giving fund!! I immediately contacted PayPal and advised of a fraud. Immediately it was rejected tried 3 times all rejected. When I did manage to speak to someone at PayPal they advised it was not from a third party!! What does that mean.
I also immediately contacted my bank and cancelled my debit card and reported to them fraud.
I have had a PayPal account for around 20 years. When I tried to close the account down it would not. I had to wait 14 days because I had reported fraud they contacted the email address that got my money. Obviously, this scammer would not reply as I had done the same as PayPal using the words scammers and got no response.
Please please make the public aware of this scam using PayPal. When I googled a lot of people have been scammed in the same way. These scammers ride on the back of a transaction you make on ebay or other platforms to bypass your double authentication. There is also in the background a link with your PayPal to ebay and Amazon and other platforms. I had to find out how to unlink. I spent a day researching this scam and how to protect myself. Best solution is to shutdown your PayPal account and use a credit card for online payments.
0
Comments
-
Not sure I've understood the problem you're describing. The Paypal Giving Fund is a round-up system for charitable giving at check-out isn't it?
Not a scam but something you might select, maybe in error, at some point when paying for an item.
It will pay money to, in this case, BHF, not to a scammer, and send you the receipt. As you have found (in your 'delete' folder - I assume you mean your spam folder?).
So it does 'ride on the back' of a transaction made for something else, but is legit. You just have to stop it happening.
See https://www.paypal.com/uk/cshelp/article/how-do-i-request-a-refund-for-a-donation-help205 which says:How do I request a refund for a donation?
Donations to PayPal Giving Fund are generally non-refundable. However, if your donation was made in error or wasn’t authorised by you, review our Donation Refund Policy to learn more.
7 -
I recently made a payment to the PayPal Giving Fund and was suprised that I wasn't challenged for the 2FA token (that Google Authenticator generates). I was suprised at this as means people can donate in you name if they only know your password.
I guess PayPal can always refund the money if you claim someone has discovered your password and used it maliciously, but it feels unsafe. I'm not sure why PayPal would do this.The comments I post are my personal opinion. While I try to check everything is correct before posting, I can and do make mistakes, so always try to check official information sources before relying on my posts.0 -
Did you make a payment direct to PayPal Giving Fund or as part of another transaction (e.g. Ebay) that gives you an option to add an amount to give to PGF?tacpot12 said:I recently made a payment to the PayPal Giving Fund and was suprised that I wasn't challenged for the 2FA token (that Google Authenticator generates). I was suprised at this as means people can donate in you name if they only know your password.
I guess PayPal can always refund the money if you claim someone has discovered your password and used it maliciously, but it feels unsafe. I'm not sure why PayPal would do this.
If the latter then they won't do a separate authentication, as it would be authenticated via the one you'd be making for the other purchase. That is, I assume, part of the whole ethic of the concept, it allows spontaneous donations to a charity when you're paying for something else. Which is what the OP describes as 'riding on the back' of the base transaction. They wouldn't need extra authentication for that.
If you're saying that a completely independent payment to PGF failed to require authentication that is, I'd agree, a concern. But not if it was piggy-backing on an existing transaction for something else.
(btw, OP refers to a 4 digit code, which I think suggests the 'old' text authentication system? I think Paypal no longer support that part from legacy set-ups and now use only authentication apps?)0 -
This thread prompted me to set up an authenticator app on my (little used) PayPal account. I was texted (SMS) a six digit code to log in, and another to enable the authenticator app. Maybe that's different from the old confirmation of purchase authentication.Zanderman said:
Did you make a payment direct to PayPal Giving Fund or as part of another transaction (e.g. Ebay) that gives you an option to add an amount to give to PGF?tacpot12 said:I recently made a payment to the PayPal Giving Fund and was suprised that I wasn't challenged for the 2FA token (that Google Authenticator generates). I was suprised at this as means people can donate in you name if they only know your password.
I guess PayPal can always refund the money if you claim someone has discovered your password and used it maliciously, but it feels unsafe. I'm not sure why PayPal would do this.
If the latter then they won't do a separate authentication, as it would be authenticated via the one you'd be making for the other purchase. That is, I assume, part of the whole ethic of the concept, it allows spontaneous donations to a charity when you're paying for something else. Which is what the OP describes as 'riding on the back' of the base transaction. They wouldn't need extra authentication for that.
If you're saying that a completely independent payment to PGF failed to require authentication that is, I'd agree, a concern. But not if it was piggy-backing on an existing transaction for something else.
(btw, OP refers to a 4 digit code, which I think suggests the 'old' text authentication system? I think Paypal no longer support that part from legacy set-ups and now use only authentication apps?)I’m a Forum Ambassador and I support the Forum Team on the Credit Cards and Budgeting & Bank Accounts boards. If you need any help on these boards, do let me know. Please note that Ambassadors are not moderators. Any posts you spot in breach of the Forum Rules should be reported via the report button, or by emailing forumteam@moneysavingexpert.com.
All views are my own and not the official line of MoneySavingExpert.0 -
Where's the scam?PayPal emails of transactions do not go in the delete folder either. You have set that up by marking an email as spam or some other rule that is catching PayPal.0
-
Reporting transactions as fraudulent that aren't fraudulent can be treated as an act of fraud itself.0
-
only if it's fraud (as opposed to an innocent belief)0
-
Yes/No. You'll not get prosecuted without evidence you were acting with intent. However, if the bank believe it's fraud but can't prove it, they can still do things like close your account and refuse to do any further business with you.Olinda99 said:only if it's fraud (as opposed to an innocent belief)
0
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350K Banking & Borrowing
- 252.7K Reduce Debt & Boost Income
- 453.1K Spending & Discounts
- 243K Work, Benefits & Business
- 619.9K Mortgages, Homes & Bills
- 176.5K Life & Family
- 256K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- Read-Only Boards