WTF Paypal?
-
Apparently, I just paid $70 for "Sample Buy Now Button" to something named NorasStore.
Also I'm kind of fickle. Minutes before, I also dropped $500 on the fabulous thing called "252 Giga Store". But then I immediately changed my mind and got refunded (minus the paypal cut).
Yup, I'm disputing these, then removing my credit card from paypal.
-
You should probably consider changing the passwords too!
-
And this is why the card I have connected to PayPal never has more than $5ish on it unless I'm buying something at the time.
-
Is this from email notifications, or in paypal proper? I recently abandoned an email (as in, burned it down and went to gmail which supports proper filters and +name syntax) because of this, which has been ongoing for a few weeks now, and it's all phishing scams.
-
-
If that's from paypal proper, there is two options
- Someone stole your details and charged your account
- Some merchant passed your details to the Non sandbox site (paypal uses the same url format for sandbox and real url. Leave off the sandbox tag, but test with real customer info and you'll cause this) (and the rest test site probably wouldn't have a real store name if they are setting up a new shop)
-
And this is why the card I have connected to PayPal never has more than $5ish on it unless I'm buying something at the time.
Smart, but I'm too lazy for that crap.
Is this from email notifications, or in paypal proper? I recently abandoned an email (as in, burned it down and went to gmail which supports proper filters and +name syntax) because of this, which has been ongoing for a few weeks now, and it's all phishing scams.
Nope, real.
-
If that's from paypal proper, their is two options
Someone stole your details and charged your account
Some merchant passed your details to the Non sandbox site (paypal uses the same url format for sandbox and real url. Leave off the sandbox tag, but test with real customer info and you'll cause this)It seems no one messed with my account. Leaning towards second.
Which means at some point I bought something from NorasStore. Except, I can't find anything in their godawful late 90-ies interface.
-
And now I can't disconnect my credit card. Great.
-
Chances are good it was an eBay or Amazon purchase if that's true, that's the majority of random shop purchases with paypal.
And that's normal bank security, the fraud department will help you, be sure they know it is FRAUD not a DISPUTE @cartman82 do not miss this important differentiation
-
Smart, but I'm too lazy for that crap.
Google Wallet Cards will only work if you have money in your Google Wallet, and it's easy to transfer money into and out of your Wallet. I think PayPal offers something similar, but I have not looked into it.
-
Why the holy fuck would someone in 2016 be using Paypal still? After all the horror stories, a dozen a year, about them fucking up and stealing people's money? Even from charities!
Look, at this point, you deserve whatever you get. Dumbass.
-
And that's normal bank security, the fraud department will help you, be sure they know it is FRAUD not a DISPUTE @cartman82 do not miss this important differentiation
I did this.
That's the only link that was given to me, and sounds like it matches my situation.
In the list of tickets, I now have this:
I guess.... that was a claim dispute?
-
Why the holy fuck would someone in 2016 be using Paypal still?
Because some of us don't live in the US and some of online stores don't work with our banks directly, even when using a Visa for example? That's the reason I got a PayPal account years ago at least.
And yes, it still happens at times. I know I had to use PayPal for League of Legends store last time I was buying shit for my sister there.
-
Why the holy fuck would someone in 2016 be using Paypal still? After all the horror stories, a dozen a year, about them fucking up and stealing people's money? Even from charities!
Look, at this point, you deserve whatever you get. Dumbass.
Give me an alternative that's as widely available (including in places outside of your US gilded halls) and I'll switch. Dumbass.
-
Hard to tell, the status and design is different than what I see with a business account. Paypal phone support is actually pretty good (at least when I called)
They may be asking for proof of claim, but that looks like the dispute process instead of fraud to me.
(Edit clarification, proof of charge / sale from the vendor, not you)
-
They may be asking for proof of claim, but that looks like the dispute process instead of fraud to me.
(Edit clarification, proof of charge / sale from the vendor, not you)
Yeah, they need to prove they delivered my "Sample Buy Now Button" in mint condition.
-
Yeah, the only problem is that is the default code for their api example, they probably get a lot of those charges across the board for legitimate and sample purchases, or maybe you hired a freelancer to implement the button for you.
The product unfortunately doesn't change the procedure to mark it fraudulent, but you can expidite things by calling support and talking to a human instead of an automated machine process.
-
I still don't understand how they would even make the purchase without my password.
And if they did have the password, they could have sucked out much more. Is there something magical about this ~$50 amount, that will help them avoid chargeback?
Very strange.
-
Because some of us don't live in the US
Sucks to be you.
I know I had to use PayPal for League of Legends store last time I was buying shit for my sister there.
So you put all of your money at risk with scumbags and scammers to buy virtual items for a video game. Smart.
Give me an alternative that's as widely available (including in places outside of your US gilded halls) and I'll switch.
Here's my philosophy: if the only way to pay is PayPal, don't buy it.
-
That particular api is a vendor flow, if they have your account number (ie dev data example) or fat fingered it (less likely) it's possible.
Example,
https://www.paypal.com/cgi-bin/webscr?cmd=_dcc_hub-outsideSending previous customer data to non sandbox api is a good way to lose your api access to paypal. Small comfort if it's a legitimate business, still sucks if it isn't because now you have shell companies dinging your account.
One possibility is they got your account number from hacking another store, getting a check, etc.
-
Sucks to be you.
What, no eurobashing? I am disappointed.
So you put all of your money at risk with scumbags and scammers to buy virtual items for a video game. Smart.
That's just an example of last place where I had to use it because nothing else worked. eBay didn't use to work. Nor did Amazon. Nor did hundreds of other stores you would probably consider worthy of your business.
And again, I don't keep cash around on that card anyway.
Here's my philosophy: if the only way to pay is PayPal, don't buy it.
It's nice when the rest of the world panders to you when you want to buy something. Some of us have to make compromises from time to time.
-
Just ignore him, blakey is a dumbass.
If you haven't already, be sure to have two factor auth enabled on your account, and that alerts are enabled to send you an email any time a transaction of over $1 is made. This will give you early alerts to respond to issues before they finalize, and give you a papertrail of your transactions.
-
If you haven't already, be sure to have two factor auth enabled on your account, and that alerts are enabled to send you an email any time a transaction of over $1 is made. This will give you early alerts to respond to issues before they finalize, and give you a papertrail of your transactions.
Yeah, I have all those. That's how I caught it immediately.
-
You can pretty safely rule out someone having your login credentials then. This is specifically someone with direct billing capabilities, and using the api endpoints. (Malicious or incompetence, dunno)
If incompetence, there's probably a batch of people impacted.
-
-
It's nice when the rest of the world panders to you when you want to buy something. Some of us have to make compromises from time to time.
Then get someone in your shitty useless country to found a competitor. You're basically saying PayPal is raking in tons of money despite being utterly shitty because nobody in your country is competent enough to complete with them? How come your banks and businesses are so fucking useless that they ALL have to use an American company for web payments?
How's that for eurobashing?
Seriously, though, it's pathetic.
-
PayPals' security is still simply horrible. I was having major issues trying to update my account, even to the point that I had to get support on the phone to help. Turns out one of the major issues I was having is that my password was too long (about 20 characters). They seemed to have a limit of about 12. That is dumb as a box of frogs, and not documented anywhere (the support person on the phone didn't even seem to know about this one either)
-
And now I can't disconnect my credit card. Great.
You can cancel the card by calling your bank. I realize you might not want to.
-
You can cancel the card by calling your bank. I realize you might not want to.
To point of these cards and paying services is to make things more convenient. Not to have to speak on phone, physically go places, wait in line in front of a teller and god knows what else would be involved with cancelling.
-
PayPals' security is still simply horrible. I was having major issues trying to update my account, even to the point that I had to get support on the phone to help. Turns out one of the major issues I was having is that my password was too long (about 20 characters). They seemed to have a limit of about 12. That is dumb as a box of frogs, and not documented anywhere (the support person on the phone didn't even seem to know about this one either)
S/paypal/bank
Most banks have fucking awful security, from chase and bank of America (which doesn't support 2fa to login, only transferring money out wire style) to credit unions which don't support 2fa and have mostly shitty alert options.
Because of how the gov insures the money, there's little risk to the bank in losing it all, so they have no real incentives to go above minimum requirements. It's cheaper to chargeback than to do proper security to prevent the issue in the first place. (Their logic, not mine.)
Also, those example banks enforce short passwords and ansi number and three or so special characters. They aren't conducive to password generators.
-
Then get someone in your shitty useless country to found a competitor.
Sir yes sir, on it! Let me call a few people, we should have it sorted by the end of the week.
You're basically saying PayPal is raking in tons of money despite being utterly shitty because nobody in your country is competent enough to complete with them?
Tons of money? Wait, can't type, laughing...
Ok, done now. Dude, PayPal probably makes more money in a year than mine and @cartman82's countries budgets combined. Yes, we're prime market, right here.
How come your banks and businesses are so fucking useless that they ALL have to use an American company for web payments?
Because American businesses are probably also useless and a pain to get cooperating? Like every country's banks and businesses?
How's that for eurobashing?
4/10, no "eurotrash" nor references to sheep fucking.
Seriously, though, it's pathetic.
I am now wounded :(
-
Because American businesses are probably also useless and a pain to get cooperating? Like every country's banks and businesses?
Right; good reason not to try: it's slightly difficult.
Look, I hate to break this to you, but everything worth doing is difficult. That's what makes it worth doing.
-
You can cancel the card by calling your bank. I realize you might not want to.
Ok, I just remembered I have a second unconnected account that I rarely use.
So I just dumped most of the money from my PayPal account into that one. Problem (half) solved.
Bonus WTF: When I was creating this second account, I wanted another VISA debit card. No can do. You can only have one VISA account per birth certificate. That's how the system is designed and there's nothing they can do. Had to take a crappy MasterCard that doesn't work anywhere.
Blessing in disguise though, as it turned out.
-
And most of the bigger stores work. Now. They didn't used to. So, something was done.
I still have PayPal as a backup in case nothing else works. I still have to use workarounds from time to time. Google Wallet doesn't work, for example. Can't verify my account, they say. Not that I really need it, I used other means, but shit happens, still. Probably will for years to come. So, backup option.
Also, some American companies refuse to ship stuff here even though they will take my payment gladly, so I have to use proxies to get stuff shipped. Whose fault is that?
-
I still have PayPal as a backup in case nothing else works.
Yeah, I use "don't buy it" as that backup.
Also, some American companies refuse to ship stuff here even though they will take my payment gladly, so I have to use proxies to get stuff shipped. Whose fault is that?
I don't care. What does it have to do with Paypal?
If your country spends all its time kissing the US' backside, maybe just petition to be the 51st State. At the rate things are going, you'll still beat Puerto Rico.
-
I do not recommend canceling your card while an outstanding claim exists. Talk to your bank before doing that. It will cause problems for reclaiming the money, and you don't want to double fraud claim on two banks, because that can result in a double credit and be considered fraud from you
-
MasterCard that doesn't work anywhere
How's that? I use a MasterCard and I can't recall anywhere it wasn't accepted..
-
If your country spends all its time kissing the US' backside, maybe just petition to be the 51st State.
That might be pretty ok, actually.
Do we get the right to consider the rest of the world inferior immediately or is there a grace period before we do?
Also, do we have to send both of our MiGs to help shoot people, or can we keep one at home, just in case?
-
I do not recommend canceling your card while an outstanding claim exists. Talk to your bank before doing that. It will cause problems for reclaiming the money, and you don't want to double fraud claim on two banks, because that can result in a double credit and be considered fraud from you
Yeah, I just extracted the bulk of my money from that account. In case there are any more "mistakes".
How's that? I use a MasterCard and I can't recall anywhere it wasn't accepted..
Hmmm.... I think it was Steam that accepted my VISA, but not this Master thing.
Of course, they are both debit cards with mutated names, not real credit cards (Visa Vutron and Maestro Card, I think). So there's that.
-
Also, do we have to send both of our MiGs to help shoot people, or can we keep one at home, just in case?
They'll both be sold to a warlord who promises to fight ISIS and will eventually be dictator over a Sandy hellhole of a country that spouts hate at the US.You will be issued a detachment of battered old F-15s. Assuming you aren't in fighter coverage range of Ramstein anyway. If you are, we'll close the base.
-
To point of these cards and paying services is to make things more convenient. Not to have to speak on phone, physically go places, wait in line in front of a teller and god knows what else would be involved with cancelling.
Yeah, I understand all that. The point of cancelling the card is that at least nobody else can steal your money.
-
Why the holy fuck would someone in 2016 be using Paypal still? After all the horror stories, a dozen a year, about them fucking up and stealing people's money? Even from charities!
I always thought that visa and mastercard missed a trick here by not having a similar service. They probably could of killed paypal a decade ago.Look, at this point, you deserve whatever you get. Dumbass.
-
Assuming they used the card number, instead of direct ACH information (routing+account number)
-
Bonus WTF: When I was creating this second account, I wanted another VISA debit card. No can do. You can only have one VISA account per birth certificate. That's how the system is designed and there's nothing they can do.
Huuuuuuuuuu? I have three: two Visa credit cards and a Visa debit card. Two cards with FIRST M LAST and one with just FIRST LAST.
-
Maestro Card
Christ I thought they were long dead. My Irish bank threw a shit fit one year and discontinued them forcing everyone on VISA Debit.*edit I was never in a band
-
Huuuuuuuuuu? I have three: two Visa credit cards and a Visa debit card. Two cards with FIRST M LAST and one with just FIRST LAST.
Probably depends on a country. Or bank.
Someone made a boo boo, that's for sure.
-
-
They aren't conducive to password generators.
No repro. My account with one of the specific banks you mention has a 20+ character random password. Unfortunately, 2fa is problematic for me (text messages may take an arbitrarily long time to arrive on my cheap dumb phone, and mobile solutions only work if I'm somewhere my old, hand-me-down, non-phone device can connect to WiFi), but I think the bank supports it.
-
Use any high ansi characters?
The banks I mentioned don't support 2fa logins, they only support 2fa on transfers out of the bank (which is better than nothing, except it doesn't impact payments or ACH debits so people can still draft new payments out of your account without verifications. It's specifically the transfer feature.)