Betrugsfall bei Paypal. Ist das möglich?
Hallo, ich habe über meinen Webbrowser etwas in einem Onlineshop bestellt. Es ist ausgeschlossen, dass es sich dabei um eine gespiegelte Version handelt.
Ich habe über Paypal ausgecheckt. Ich nutze eine zwei Faktor Verifizierung. Dass mein Konto als solches dann gehack ist, ist auch ausgeschlossen, korrekt?
Dennoch hat sich während des Bezahlprozesses eine andere Empfängerandresse eingeschlichen. Das hätte ich eventuell beim Auschecken bemerken müssen, habe ich aber nicht.
Es handelt sich um eine Adresse, die ich innerhalb meines Kontos nie als Adresse verwendet habe, die Person ist mir unbekannt.
Ist es möglich, dass dieser Scam so passiert sein kann? Also war es den Tätern möglich, irgendwie während der Datenkommunikation zwischen Meinem Paypalbrowser und dem Shopbrowser was zu manipulieren?
Ich bin gerade ratlos.
(3 votes)
Loading...
Strange.
2FA does not rule out that your account can be taken. It protects you from anyone else who knows your password and account name. It does not necessarily protect you if you enter the data yourself elsewhere or someone can control your current session.
Manipulate the data between your browser and Paypal (man in the middle attack) is virtually just about malware. Exceptions are unsafe system settings (example DNS server change and additionally install a CA certificate). Without local changes to the system, this is virtually excluded by https.
A fake shop page or Paypal page are possible explanations. Normally, the shop transfers the delivery address to PayPal.
Without details it is impossible to call a precise reason.
But it also seems strange to me to change a delivery address. Normally, attackers want to order something themselves and pay with your account to get the money out of it somehow. Don’t take anything from you.
So if I use a current version of Mozilla and the data transfer from the Shop page to Paypal has run over https, it is excluded that this transfer process has been hacked in such a way that someone has entered the address. Can you say that?
So I’m 100% sure it was a real shop page. They have also processed the order correctly with correct article and sent the article. They could confirm that.
The Paypal process also seemed normal. But it is even conceivable that the shop was changed in a way that I came to a fake paypal page. This one, too, was handled normally. So, money booked. I can call the process there, etc.
If you use https, the server is certainly part of the domain that is in the address bar, and the data is protected from manipulation, yes.
Malware in your system or browser can change the data anyway, that would not be at network level.
leg checkout with Paypal there are different variants, you can use the address of PayPal or from the shop page, there is also not so deep inside.
If you have your browser history, you may see if you have landed on the right Paypal page.
It may be that the online shop has a bug when communicating with paypal and thus does not pass the correct delivery address.
Have a little research can be done after working on desktop PC. In the customer account of the webshop, the address is also changed to the wrong person and if I call my order history, this address is also stored in the information as a delivery address for all old orders. Back to 2021. Looks like a mistake in their system. Even though the employee on the phone today said that the address had been taken over by Paypal, it seems more like the address of Paypal was taken over by the shop.
Two options:
Either the shop was fake, or your PC/end device on which you executed the order has been infected and taken over with Schadsoft.
So if the PC was loaded, then it is also conceivable that somewhere between my login and the sending of the transaction, an address has been inserted? Because the shop didn’t get any other address from me. I only saw this as a source of error that this login was captured there. They have taken the Paypal-funded address for shipping and that was just wrong.
Something’s wrong here. You write:
It’s just a manipulation.
But now you commented:
If the address was so stored on your PP account, then it must have been known to you, how would it otherwise be in your account?
“sintered” is wrong, right. The transmitted address. It’s still mine. A different transaction was transferred once. It can also be viewed at Paypal under the information of the transaction.
The problem, if you want, is the unclear separation of sender and emfpängeremail address. 🤷
What do you mean?
Just what you’re presenting again: such inaccurate grammar that you have to interpret what you actually mean.
I see how the co-authors are diligently guessing and guessing.
It is not mentioned at a single point from a sender address and a sender address with a recipient address has not been confused in terms of content. If you don’t have any interest in the help in which you specifically question what you didn’t understand, then the only reason for your present here is that you want to profile yourself against whomever. It’s a bit sad, but if it makes you happy…