When I woke up this morning, I checked my email and I saw an email from Paypal saying that I added a credit card to my account. My heart skipped a beat. I knew that something was wrong as this event happened 3AM and I definitely did not do it.
I immediately logged in to my account and true enough, a 2nd credit card was added to my profile. I immediately sent an email to Paypal using their resource center on their webpage. I couldn’t find an option with my problem so I just chose “adding a credit card”. Then thinking that the hacker might login and do more damage, I immediately changed my paypal password. At this point, I didn’t know that the hacker have done any transactions since I didn’t receive an email about any transaction aside from adding the card to my profile. But remembering a blogger who previously posted about her own experience, I checked the history of my transactions and saw that a transfer or payment was made to the added credit card. There was a $27 transaction that I didn’t make!
I called Paypal using their US number and an automated machine answered my call. It was a waste of time as my concern wasn’t on its list of menus so thankfully after 5-10 minutes of waiting, I was able to talk to a person but sadly, I was passed to a second person, and a third person. The third person finally was able to help me with my concern. She asked me to reset my password but after telling her that I already did that, she immediately removed the fraudulent card and reversed the transaction made. I was on the phone for 24 minutes. Thankfully, Paypal didn’t give me a hard time reversing that fraudulent transaction though I would have to pay a thousand pesos or more for that call I made.
I have been using Paypal for about 7 years now and I have never been hacked. This was my first and I certainly hope it is my last. I still don’t have a clue how my account got hacked. The only thing I can think of is not changing my password often.
Through this experience, here are some protective measures that I will enforce to avoid this problem in the future:
Change my password after every online transaction. Since I use Paypal to buy online thru sites like eBay, Rainbow Resource, GoDaddy, I should remember to change my password after every use so that there is no record of my password on any other site.
Check my email often. I was thankful that I happen to check my email as I woke up so I was immediately able to contest the fraudulent activity.
Never use the same password for emails and other site. Sometimes it is hard to remember and organize passwords but it is important to never use the same password for email and other sites that I regularly visit. So that when one account is hacked, my other accounts are still protected.
Be wary of online sites you visit. There are many sites that I visit asking for myu email address for subscription purposes and others, I need to be wary of these sites and make sure that I don’t use my email or Paypal or Facebook passwords on these sites.