Michael Gracie » Paypal

Tuesday’s financial links

Michael Gracie — Tue, 22 Jul 2008 16:00:50 +0000

Just numbers

PIMCO’s Bill Gross says Fannie Mae and Freddie Mac mortgages are ‘excellent’. Why would he say anything else?
AMEX’s high-end borrowers are battening down the hatches, and it’s causing the lender some problems.
An Apple (AAPL) analyst makes a call, and it is spot on.
Countrywide’s reach goes even deeper - “Friends of Angelo” are seeping out of the woodwork.
Dont’ ~~cheat~~ be lazy with your hedge fund job application.
Bank of America is buying Countrywide assets but leaving its creditors behind? Watch and learn.

and…

Paypal competitors beware - few survive, and the rest wind up in prison.

I love getting Craigslist scammed during the holidays

Michael Gracie — Fri, 15 Dec 2006 18:34:09 +0000

It is my favorite time of the year. Everyone wants something for the holidays, and some are willing to try pulling scams from Craigslist to get it.

As a regular reader might know, I just acquired a Blackberry (and by the way, I still haven’t been spammed on it, hundreds of emails later), and I make it a habit of passing the old equipment off on the cheap. So, I am selling this Nokia 6682, which is pretty darn fine condition if you ask me.

And along comes “Greg”…

still selling that phone?
ship to aspen, co?

greg

Sure am…

I do, and I will. I’d say the box is about 0.7 kilo. Will ship USPS with
delivery confirm at my expense. Any other way would be yours.

Michael

Note I converted to kilos, since “Greg” is emailing me from a yahoo.uk.co address - obviously in Aspen for the holidays - how nice is that!

Greg is busy finding phones…

which phone was yours michael?
I sent so many messages,

greg

I reply…

Nokia 6682 with all factory includes, plus Nokia factory car charger.

Damn good customer service if you ask me.

He saw the ad, but needs a price…

how much do you want?
can you ship it tomorrow?
pay pal work for you?

greg

More good customer service…

Here is the link to the listing:
http://denver.craigslist.org/ele/245134028.html (reposted since then)

I’ll ship tomorrow morning first thing with paypal to this address. Regular
postal should take just two days to Aspen.

Paid for!

michael

I am depositing $140 into you paypal now.
please ship to [address removed]

thank you

greg gordon

Then the debate ensues. The guy wants immediate shipment, so what does he do? He Paypals with an eCheck (that takes several days to clear), and gives me two different shipping addresses (one to me via email, and a different one to Paypal).

I let him know the error of his ways…

I just saw in Paypal that you made payment via eCheck, and the shipping
address is different than the one you stated.

I can’t ship until that check clears, so if you are looking for a phone
immediately, you may want to reconsider. And I need confirmation on the
shipping address.

Now, the denial…

michael

I did a direct payment via paypal with my credit card.
dont know what echeck has got to do with it.

[address removed]

please send confirmation of money received and
shipping date.

greg

I am calling bullshit here…

Sorry, but the paypal payment was an eCheck, and your unconfirmed shipping address per paypal is actually:

[address removed]

The eCheck payment was declined by me yesterday, and you should have received confirmation from Paypal on this.

Regards,

Michael

Greg can’t understand why…

michael

I see that you have returned my money to paypal.
I am a little confused as to what is going on.
I have neve had a problem buying anything with paypal.

greg

The problem was…

You paid with an eCheck (not credit card like you stated), and that takes minimum 3-4 days to clear.

Now, he says a bank account would do…

regarding the echeck:
dont have a clue what that is.
I use paypal often and have never had any problems
before.
if you would rather I deposited the money straight
into a bank acount, let me know.

We could have gone on and on. After deciding I was too much of a hassle, Greg decided to take his business elsewhere, or at least that is what he said at first. Five minutes later, he thought it might be okay to let the payment wait to clear, but of course I’d already cancelled his eCheck. A few minutes after that, payment was supposedly on its way. It of course, never arrived.

I feel sorry for all the people Greg has never had problems doing transactions with.

Phishers show their love for eBay and Co

Michael Gracie — Sat, 29 Jul 2006 00:30:57 +0000

According to recent report by Sophos, phishers are persistently targeting PayPal and eBay users. The reason? Ubiquity of the services. eBay is available in 27 countries, and I doubt there are many people who haven’t bought, sold, or at least browsed for goodies.

That’s a big market to go after. Add the fact that there are probably a lot of casual internet users (i.e. not so technologically sophistiicated) on eBay, and you have a big, targeted market for phishers.

I love stating the obvious.

The golden years are coming back

Michael Gracie — Fri, 12 Aug 2005 17:31:14 +0000

I am not sure if the phisher in question can’t afford a web developer, are tired of having their sites shut down mid-scam, or are just plain stupid, but they are resorting to fax-back requests in trying to gain access to some Paypal accounts.

The scam in question uses an spam email to redirect victims to a site where they grab an MS Word form, fill out their account information, and are then told to fax it to a toll free number. Having a purportedly US-based toll number for sending account data might fool a few folks into thinking this is legit, but for the phishers it makes a nice audit trail for getting caught. At least we hope.

Stating the Obvious

Michael Gracie — Fri, 05 Aug 2005 16:01:46 +0000

If you are in the business of phishing, you obviously are looking for money. Scam, business, money. So it comes as no surprise that 80% of phishing is targeted at financial institutions. That is where a lot of money is, eh?

If you threw Paypal into the mix (they hold money, pay interest, extend credit, but are not FDIC insured per se), I bet the number would climb ten more points!

Ebay’s phishing hole

Michael Gracie — Fri, 15 Apr 2005 13:41:05 +0000

Ebay has long been a target for fraud. Some of it has to do with the gamey nature of eBay - everyone is looking for a “steal” of a deal, and some simply take it literally. As the market has become more liquid, it is less a place to find basement-price bargains, at least legitimately, but the auction format and reputation are still enough to fool some folks into buying non-existent goods at some ridiculously low price.

But of course, eBay and its cousin Paypal have also been the pawn in many phishing attempts. And like the tracking of a deadly disease, it would be interesting to hear how it got started and why, and what ebay is doing about it. Well now you can.

Frank Fortunato over at Internet.com is running a two part report on eBay fraud. The first post discusses the early battles with phishing emails, the Paypal acquisition that made the company even more vulnerable by introducing elements of the banking system to thieves, and the escrow services we smart folk knew were scams to begin with.

Ignore Frank’s blurb on wireless, which Spamroll has already warned you about several times over (and has little to do with eBay anyway). The most interesting part of the piece was the discussion of eBay’s fraud prevention measures.

Points to emphasize are the structure of eBay’s customer service squads, which only cover the top sellers (and not much on the buy-side), as well as the stealthy nature by which eBay addresses the issue of fraud. Subtle disclosure and difficult to find security links are purposed to warn customers about fraud without scaring them off the site.

The follow-up is promising some common sense measures both eBay and its users can employ in the fight against fraud. Stay tuned.

Are Slashdotters beginning to like Bill Gates?

Michael Gracie — Sun, 03 Apr 2005 17:22:34 +0000

I am not sure how to take this post over at Slashdot: Gates’ Resolve in Bringing Spammers to Justice. I think any major legal action (and a hundred plus lawsuits should be considered a major legal action) is a positive step for the anti-phishing movement, but I don’t think Microsoft is to blame for the epidemic. It seems some of the posters in the above referenced post agree, while others are still miffed. I want your opinion.

Yes, Microsoft products (particularly IE) are susceptible to spyware/adware/malware exploits, and more than others. But Microsoft has been quick to fix problems with issues in Outlook, and their Entourage product (which I use exclusively) is very effective at weeding out both generic spammy offerings as well as some phishing attempts I have seen come in (see A Gem in Entourage). And yes, flaws in IE may make it easier for phishings to redirect folks to fake sites, but using another browser is so damn easy I am surprised people still bitch about IE; browsers are free, for goodness sakes - there should be little reason to piss and moan.

Lets keep in mind a couple of other things.

First, phishing attempts are often much less obvious to server side Bayesian spam filters, but as sys admins tweak rules to that effect, many of the more obvious ones will disappear. And these phishing attempts are not isolated to Microsoft products, nor Microsoft in general. I have seen more attempts targeting eBay, Paypal, SmithBarney, and Washington Mutual. That is because these folks handle money and diverse products - Microsoft doesn’t. In addition, of the list above, only eBay uses Microsoft servers (if I am wrong there, just let me know, and I will make the appropriate corrections). If anything, Microsoft is the victim of more abuse from generic spam targeting bootlegged software.

Next, Microsoft is setting an example by going after phishers who replicated their sites for malicious purposes, and they are attacking the phishing “value chain” from top to bottom. This is a good thing, regardless of who is to blame. If the other victims jump on the bandwagon, as I suggested they do in Microsoft Phishing Lawsuits, the economic advantages of such fraud are going to wane, and the phishing attempts along with it. Meanwhile, folks like eBay using Microsoft products should see ancillary benefits as well.

Again, I am not sure how relevant some of the comments over at Slashdot are, but I am looking for your views on the matter.

MailFrontier Phishing Survey

Michael Gracie — Thu, 31 Mar 2005 14:28:52 +0000

For those who think they are too smart to get nabbed by a phishing attempt, here is a little test you can take to see how skeptical you really are: MailFrontier Phishing IQ Test.

While the test is designed for UK email users (the bank examples include Barclays and the like), in our global economy, this is clearly applicable to everyone.