PDA

View Full Version : A question about paypal



Formula Jr
12-12-2007, 09:04 AM
How do I know for certain that I'm in the "real" paypal site?

Bear with me if this seems like a stupid question. I'm new to it and just sold something on ebay that allowed a paypal payment to my account. Now I'm not sure what I'm doing. It seems weird that I only enter my e-mail address and then a password. Shouldn't it ask for a certificate or something?

For those that have accepted payments through A Paypal account, what should it look like. And do you get an email requesting that you accept payment.

rustnrot
12-12-2007, 09:09 AM
That's all it asks for...I think. But I would go to the paypal link within ebay. In other words sign into ebay then there should be a button for paypal there and it would ask again for your name and password. That way at least you have a double-layer of security...I guess.

Then log-in separately outside of ebay to your paypal account and verify that the correct transaction is on your log.

Formula Jr
12-12-2007, 09:37 AM
Thanks, that sounds like a better plan. I'll at least know I'm in side ebay first.

I do feel a little stupid now since I didn't know you had to "upgrade" in order to accept certain forms of payment. I don't recall reading that when I signed up.

smoothie
12-12-2007, 10:42 AM
A word of caution...be on the look out for "e-mails" that have the paypal or ebay logo and look like the real thing giving you a link to click on to "update" your account...if you do you could loose a lot of money in a hurry:eek!:

MOP
12-12-2007, 11:05 AM
Ditto on what smootie said, you should get a receipt in the mail shortly. I am new to Pay Pal also but have done a few transactions and have not needed to check my account due to the mail notification.

Phil

Formula Jr
12-12-2007, 12:18 PM
This is what is unusual about paypal. it shouldn't be as easy as it is. Before i got the account I didn't care because all paypal emails were phishing emails. Now that I have an account I have to be certain about what is real and what isn't. I have lately seen some very sneaky phishing methods. it would not be a stretch to follow ebay auctions, especally now that you can ask questions and get a real email address of the seller, wait till the auction is over then pretend you are the buyer sending a paypal phish email. If the timing was right, I can really see how someone might just answer the email with out looking too closely.
Going to ebay first, maybe even testing that a random listing you know about is there or confirming your history and then signing in to paypal seems like the best method. I know this sounds very paranoid. But my other financial web stuff has an extra level of sign in, which is a layer that I can test to see that I'm inside a secure site before the next level of password is asked for. Paypal only has one level of entry. "all or nothing." that just seems very strange to me. My Amtrak account is more secure.....That account will even give partial information only they would know before I complete credit card info. My Bank will not even let me in till I've registered the particular machine I on at the time. Paypal is odd in that it only uses the certificate to encode info that is sent back and forth over the net, but the first and only password is the only real safe guard. I used an entirely different machine to access the paypal account. So it couldn't have known anything about me till I entered this one password. Thats kind of uncomfortable......

Trueser
12-12-2007, 03:27 PM
I would suggest that you purchase a PAYPAL/EBAY key code generator. For $ 5.00 it will protect both of your accounts. The only problem is you need to keep it with you or you will not be able to get into your accounts without it.

Very easy set up and this is the same security that banks use.

Mr X
12-12-2007, 09:35 PM
Very interisting! Where can I buy one of these key code generators?

Trueser
12-12-2007, 11:49 PM
https://www.paypal.com/us/cgi-bin/webscr?cmd=xpt/cps/securitycenter/general/PPSecurityKey-outside


ships in 4-5 days for $5.00

Mr X
12-13-2007, 05:53 AM
Thanks, I just ordered it!

BUIZILLA
12-13-2007, 07:21 AM
I just ordered TWO of them for family use

can't be too safe these days

great tip, thanx

MOP
12-13-2007, 09:22 AM
I saw this and thought it was a great idea and mentioned it to a freind that brought up an interesting question how does it work with no physical connection to the computer, I could see if it had a USB or similar hook up. It in some way would need to transmit the new added code to Pay Pal.

Phil

Trueser
12-13-2007, 12:03 PM
The way it works is it generates a number every 30 seconds. Has nothing to do with USB. When you login you first enter your username/password Then it ask you to enter the 6 digit number from your POD.

This is the safest way to protect your EBAY/PAYPAL accounts.

The only thing I dont like is you need to carry it around with you. If you use your accounts away from home.

MOP
12-13-2007, 03:39 PM
I thought about it and what it must do is generate sequence specific numbers, that way PP will know that is just not a random set.

Phil

Trueser
12-13-2007, 04:10 PM
Phil,
The number is generated another way. It does not go in order. Has something to do with time....

Again this is what most banks use for high end money transfer/ Account logins.

Not a bad 5.00 investment

zimm17
12-14-2007, 07:31 AM
Like mentioned before, don't click on a link to paypal from any emails. If I buy something, I follow the link through ebay. If I'm transferring money to my bank account, I type in the "www.paypal.com" in the address bar and look for the little padlock in the corner of your browser which shows you're on a secure website. Also the real website usually asks you to get a paypal credit card first before getting to your account.

Trueser
12-14-2007, 12:23 PM
https://www.paypal.com/

S= secure

knots2u
12-14-2007, 01:58 PM
Be careful about registering a bank account with PayPal. If there is a problem with the transaction PayPal can withdraw (part of the agreement) the funds in question or totally freeze the bank account. Do a google search on "paypal nightmares". You are better off just registering a credit card. I personally have never had a problem with PayPal, but it can happen. PayPal is not regulated by federal banking laws, keep that in mind. Also get the PayPal card that is tied to your account, that way you may immediately withdraw the funds from your PayPal account, no waiting for the transfer to your bank - while they float your money.

smoothie
12-16-2007, 08:11 PM
Heres what the phishing emails look like that show up in your Email:
Please Update Your Account
Dear valued PayPal member:
It has come to out attention that your PayPal account information needs to
be updated as . part of .our continuing. commitment to protect .your account
and to reduce the instance of .fraud on our website. If you .could please take
5-10 minutes out of your online experience and update your personal records
you will not run into any future problems with the online services.
However, failure to update your records will result in account suspension.
Please update your records on or before December 17, 2007.
Once you have updated. your account records, your PayPal session will not
be interrupted and will continue as normal.
To update your PayPal records click on the following link:
https://www.paypal.com/cgi-bin/webscr?cmd=_login-run
PayPal, Inc.
P.O. Box 45950
Omaha, NE 68145
Sincerely,
PayPal
The $5.00 gismo wont do ya any good if you click on the above link and fill in the info.

Trueser
12-16-2007, 09:26 PM
The $5.00 gismo will stop anyone from entering your account unless they have your gismo in there grubby little hands.

If you use Paypal or Ebay I would invest the $5.00.

Unless you enter the 6 digit number you will not be able to use your account. And the secure part is that the number is only good for 30 seconds once you push the button.

I just used mine to Donate to Scot.


USER NAME:xxxxxxxxxx
Password: xxxxxxxxxxxx

security KEY XXXXXX

smoothie
12-18-2007, 12:37 PM
Yes I agree...Well worth the $5.00 for some added security for you to use to get into your accounts..But it doesnt stop the grubby little hands from using your E-mail addy...Heres a new phishing email that I havent seen before.

Dear PayPal Member,

This email confirms that you have sent an eBay payment of $46.85 USD to franz2nutty@yahoo.com for an eBay item using PayPal.


Payment Details
Transaction ID: 8H273150XN522260H
Item Price: $46.85 USD
Total: $46.85 USD
Order Description: Digimax 134
Item/Product Number:
(4198125020)


Note: If you haven't authorized this charge ,click the link below to dispute transaction and get full refund

Dispute transaction (Encrypted Link )

*SSL connection: PayPal automatically encrypts your confidential information in transit from your computer to ours using the Secure Sockets Layer protocol (SSL) with an encryption key length of 128-bits (the highest level commercially available)

Item Information
eBay User ID: a1paramount
Name: Thomas Smith
Address: 809 Mallory Court
City: Tyler, TX 75703
State: United States

Thomas Smith has provided an Unconfirmed Address. If you are planning on shipping items to Thomas Smith, please check the Transaction Details page of this payment to find out whether you will be covered by the PayPal Seller Protection Policy.


If your email program has problems with hypertext links, then you may also confirm your email address by logging into your PayPal account at www.paypal.com/us. On your My Account page you will find a "Confirm Your Email Address" link. Click on this link and enter the following confirmation number:

1242-2584-9350-3815-5762


Thank you for using PayPal!
The PayPal Team

Formula Jr
12-18-2007, 03:17 PM
The key fob may be just false security.

http://arstechnica.com/news.ars/post/20060711-7237.html

You still have to be sure that you connected to a real site.

Trueser
12-18-2007, 04:00 PM
You need to have a paypal favorite and use that to login. Never use a link out of an email.

And yes nothing is perfect. I would prefer not to use PAypal at all but it is what it is.

You need to make sure you see the security lock on IE before you leap.