Sombody has 'hacked' my email and Paypal Page 1 / 2

puddleduck00, Apr 5, 3:42am
No idea what to do. I've cancelled my credit card. THey've change my paypal password, my email password and secret question.

puddleduck00, Apr 5, 3:42am
It's actually a person because my secret question has a threat to 'mince' my PC as they've recorded my IP and MAC address!

gibler, Apr 5, 3:43am
contact paypal!

ferita, Apr 5, 3:48am
You should scan your computer for trojans or keyloggers
grab the free version of emsisoft antimalware and scan it. If you have a keylogger or trojan, it does not matter how many times you change the password etc the hacker will still be able to grab it.

nzlotrfan, Apr 5, 4:07am
My Gmail and Paypal accounts were hacked two years ago (at the same time), found my details posted on some Arabian website (after doing extensive research) later on. Anywho, call Paypal in the States asap and they'll help reset your account. Be sure to change your email acc details too if it has the same password!

puddleduck00, Apr 5, 12:33pm
Bizarre man. Exact same thing has happened to me. My PC came up clean with Malwarebytes and Panda. Have changed all of my passwords on another PC, cancelled my credit card and called Paypal and they've suspended my account and are reversing the charges. But my email is still in his hands. I have no explanation as to how this would have happened - Paypal and my gmail at the same time. Every time they purchased something via Paypal they would delete the email. It came through to my phone (in French, as they'd changed my Paypal language) and then they would delete the email. They got to my email password and alternate email before I could.

sonns79, Apr 5, 6:18pm
Definitely check for a keylogger.
I always use the onscreen keyboard for entering passwords etc because I have been told that keyloggers cant pick it up.Is that correct/

nzlotrfan, Apr 5, 9:11pm
Yeah I remember it being a very scary process. He sent an email from my gmail to hundreds of contacts asking for money, luckily I got a hold of my account back as some people were ready to hand money over! Make sure you contact gmail using the "I can't access any of my accounts" or whatever it is. I submitted the form at about 7am, google had given me back my account by 8am. Apparently my PayPal had been accessed by "a heap of people" so the guy told me on the phone. I managed to track down the guy who hacked into my gmail, he was from France too (he listed his phone number under my acc details) gave him a call later on via skype and gave him an earful!

ladeda, Apr 5, 9:18pm
Same thing happened to my friend (but she is not with PayPal). I smelt a rat because the spelling was bad on the email asking for money and I know what a good speller she is. It was her hotmail that got hacked.

Lesson is do not use paypal with gmail or hotmail as they seem to be easily hacked.

puddleduck00, Apr 5, 10:31pm
I don't think I will ever get my email address back as I never really sent emails from it - and to fill out the account recovery form you need to remember up to 5 email addresses you frequently email. I'm really concerned about how they can do this! I have nothing on my PC and I'm not stupid enough to fall for any scams. The only thing I can think of is my VPN which is Hide My Ass and - neither of which seem fishy at all. If it's not that - it's either Gmail or Paypal that's not as secure as they make out.

nzlotrfan, Apr 5, 11:21pm
I remember being as puzzled as you puddleduck. I am a very careful user, I would never fall for any scams - I know what to look for and what to avoid. At the time it happened (Oct, 2009), I remember Googling about accounts being hacked and I stumbled across a Stuff article posted only a week before my ordeal, saying how thousands of gmail accounts had been hacked into after a Google security breach. I assumed it must have been this. I hope so.

Yeah that's the thing with the account recovery form, if you can remember any addresses, I would advise you give it a go anyway.Unless no harm can be done with that account.

puddleduck00, Apr 5, 11:37pm
Crazy huh. I feel like cancelling my Gmail accounts, this sort of thing should not happen. I have had success with Google and getting my account back - Luckily for me I realised I still had the email headers for the emails in Thunderbird. I went through their process and they got back to me. Google will investigate if you provide as much info as possible and US$3.00 (it's legit, I checked). I think I'll close the account after I get it back. Once I get my money back from Paypal I will be happy.

puddleduck00, Apr 5, 11:38pm
And now it appears he has my Ebay too. Which I don't care about, there's not a lot he can do except create fake auctions. He will get shut down pretty quickly. Better contact ebay though.

lythande1, Apr 6, 12:56am
Doesn't prove persons at all.
And how does having your IP address accomplish anything!
It's generated by your ISP, every time you shut the modem off and back on, it re-assigns another.

vtecintegra, Apr 6, 12:59am
Its possible the breach happened through the phone.

puddleduck00, Apr 6, 3:09am
Well obviously it's an empty threat. But they were manually deleting the emails related to the Paypal purchases in my Gmail account. I was seconds away from changing the password when they got to it first.

mattie47, Apr 6, 5:44am
I guess an interesting thought would be, now that you have your gmail access back, have a look at the bottom right for :

"Last account activity: 2 hours ago
Open in 1 other locationDetails"

And then you could see where he is that he was accessing your account from. Sucks to hear this Ben. Problem is that there's so many variables where account access could have been optained. Keylogger on a CPIT machine, a dodgy app on your smart phone (I forget if you've got one) but I imagine, possibly entering your details on a phishing site (I doubt it, but if a DNS record got changed to one on a machine you've been on, well, yeah). Stumped really. As I said to you on facebook, hijackthis would be good to run

intrade, Apr 6, 5:50am
you should use linux in future as i bet they did not hack your account but you got microcrap and it is full of virus and keylogers thats how they would have gotten your passwords . I never in hell do banking with a winblows operation system

puddleduck00, Apr 6, 7:37am
Absolute fking bollocks, what rubbish advice. My PC is clean, I have used several difference malware/virus programs to scan. Even did Malwarebytes in safe mode and it came up clean.

puddleduck00, Apr 6, 7:53am
I think the phone app is a definite possibility, I never fall for phishing scams - I have only ever accessed that particular email and paypal account from my Android phone and my own laptop. I haven't quite got my gmail account back, but I anticipate I will have it back by next week according to the form I filled out.

chnman, Apr 6, 8:22am
I use Two step verification with Gmail, which means if I was to login to check my email on the web, I would get sent a text message to my mobile phone, and I have to enter the code into Gmail before it will let me in. Setting up to receive mail through an email client is easier. When setting up two step verification, a code is generated which has to be used for the email client. And if you haven't got your mobile phone when needing to check on web, you can't get in. Although you can print off some codes and put in your wallet for times like this.

This could be a way to use Gmail more safely. Many people prefer not to use their ISP's mail, as if you change providers you usually have to start with a new address.

More details here:

sonns79, Apr 6, 8:31pm
Even Malwarebytes can miss things I remember someone telling me to use another program to catch what Malwarebytes misses.I dont think Malwarebytes can pick up keyloggers.
I use Linux now but when I was running Windows7 I used a program called Advanced Systemcare I paid for it , there is a free version available though, and it was great for keeping malware out.I will be fixing my old desktop and keeping XP on that and moving my systemcare onto that.
I know Linux is great right now but I dont think it will be too long before we get nasties in it.

puddleduck00, Apr 9, 10:44pm
So anyway I got my email back. He'd deleted any trace of what he'd done (so he thought), except I managed to retrieve some deleted messages via IMAP. He signed up to a few file hosting websites (premium accounts) at my expense. I managed to steal one of the file sharing accounts with the forgot password link. His email address is modymn (gmail). I wonder what I can find out about him.

olack, Apr 10, 4:31am
hahaha, last post puddleduck00.

martinhb, Apr 10, 5:18am
Appears to be a 24 year old male from Alexandria, Egypt.


Share this thread

Buy me a coffee :)Buy me a coffee :)