Schneier on Security
A blog covering security and security technology.
« Self-Defense Pen |
| Friday Squid Blogging: Squid Pie »
March 6, 2009
New eBay Fraud
Here's a clever attack, exploiting relative delays in eBay, PayPal, and UPS shipping:
The buyer reported the item as "destroyed" and demanded and got a refund from Paypal. When the buyer shipped it back to Chad and he opened it, he found there was nothing wrong with it -- except that the scammer had removed the memory, processor and hard drive. Now Chad is out $500 and left with a shell of a computer, and since the item was "received" Paypal won't do anything.
Very clever. The seller accepted the return from UPS after a visual inspection, so UPS considered the matter closed. PayPal and eBay both considered the matter closed. if the amount was large enough, the seller could sue, but how could he prove that the computer was functional when he sold it?
It seems to me that the only way to solve this is for PayPal to not process refunds until the seller confirms what he received back is the same as what he shipped. Yes, then the seller could commit similar fraud, but sellers (certainly professional ones) have a greater reputational risk.
Posted on March 6, 2009 at 1:30 PM
• 54 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
My wife got hosed through eBay twice.
The first time, she paid the seller to buy shipping insurance. It arrived damaged, and we took it to the parcel carrier who said the insurance was never processed. The seller profusely apologized, and said since it was her mistake that insurance wasn't purchased, she would order a brand new one. Emailed us a confirmation that it would be shipped in 6-8 weeks. My wife and I followed up, and one day when my wife called, the seller said "I never ordered it, and its past 90 days--there is not a damn thing you can do." eBay wouldn't entertain our complaints.
The other involved a magazine subscription that conveniently took 8-12 weeks to arrive. Money gone, magazine never arrives, seller says the same "too late after 90 days" nonsense.
Lesson learned the hard way.
How do VISA / Mastercard / AMEX handle this issue? or is PayPal offering more buyer protection than the credit card companies?
I would follow up with UPS, however, and file some sort of a claim report. I used to work for the returns/problems department for a small mail order company. They don't like dealing with fraudsters, and will flag accounts. You may not get any personal satisfaction, but may help the pattern become apparent.
No buyer protection involved here, but rather buyer aiding and abetting.
The seller is the one getting hit in this instance. How do you get a credit card company or Paypal to recharge your crooked customer?
When you are scammed like this you should ALWAYS file a police report with the PD in the seller's community. You can try seeking assistance from your local PD if the other doesn't have an easy process available.
Naturally, if the seller lives in a large city or a high crime area you're not likely to get your money back, but that's not always the case in smaller communities. Small town sheriffs and police officers will often pay a visit to the homes of these thieves, especially when there have been multiple complaints, and when the police start showing up the money often follows.
If you read the paypal terms of service, dealing with them is like walking a minefield anyway.
A popular scam is buying things with Paypal, backed by a stolen credit card. You send the doo-dad (watch, etc.) after paypal has confirmed payment. You take your money and then 3-6 months later paypal comes back at *you*, the seller, because it turned out the credit card they accepted was stolen and Visa got the money back from them. And they want it back from you.
Paypal is basically useless as a payment mechanism for anything expensive.
I would think that some of this is seller cost of business, but maybe that is me.
How many people are going to do this? If you want to sell something over e-bay as an individual, it is "as is and no returns".
A friend of mine had something similar happen. Shipped an item out UPS to have a tracking number to prove delivery. After a couple months he threw out the paperwork thinking since it was past the 30 days Payal lists for refunds he was fine. Buyer then called Paypal saying item never shipped. They yanked the money from his checking account since he had gotten rid of the tracking paperwork by then and had no way to prove it.
Basically treat ebay the way you (should) treat Vegas. Don't gamble with more than you want to lose.
It's *not* a clever hack. It's theft.
So how did Paypal end up in a position where they have to arbitrate the conflicting claims of senders and receivers? They don't seem to be in a good position to do so -- and I wonder how strong their incentives to spend resources on doing it well are. It seems that all they have to lose is reputation.
Nobody here or in the consumerist article has called it a hack. All would agree it's theft. More specifically, theft through fraud by exploiting flaws in the process. No hacking was involved at all, but I think it was clever.
Clever theft is still clever, just as it is still theft. There is nothing wrong with admiring cleverness in any form, and such admiration does not imply admiration of the criminal act that results.
I don't understand why so many people think that this is wrong. Do you believe that if you simply close your eyes to crime, it will go away? Do you somehow believe that if we don't discuss these methods, criminals will never discover them?
"So how did Paypal end up in a position where they have to arbitrate the conflicting claims of senders and receivers?"
It's in the terms of service you agree to. Paypal users put them in this position.
> theft through fraud by exploiting flaws
> in the process. No hacking was involved
Agreed. This is clearly not "hacking". We call this "cracking."
An obvious amendment to Bruce's idea: use buyer and seller reputations to decide who gets the benefit of the doubt. Unknown buyer + known seller -> seller can decide whether to give a refund (or can challenge a refund after getting the package). Unknown seller + known buyer -> it's harder or impossible for seller to challenge refunds.
Chad has the name and address of the person to whom the computer was shipped (and the PayPal account that paid for it). Why doesn't he publish them?
We don't know whether the person who was listed as the buyer is the person who stole the processor and memory. A third party could have intercepted the package and then resealed it, or just damaged the package enough so that the buyer would call it "destroyed". Given this, if the seller publishes the name of the buyer and alleges fraud, s/he risks falsely accusing an innocent person.
In situations like this, where it's hard to prove who is at fault, credit card companies tend to eat the charge (making up for it by charging vast amounts for interest), but PayPal is a worse deal, as they want to take it out of either the buyer or the seller. That's one reason I won't use them; you don't have the protection you have when you pay by credit card.
Paypal (and it's parent company eBay) are basically organised crime themselves, down in the bowels of society with pawn shops, used car dealers and lawyers. Zero responsibility, zero accountability, just orchestrated to sit in the middle and skim transactions ...
@Bruce & "AppSec": You must not be too familiar with eBay and PayPal policies. I'd be shocked if this kind of thing didn't happen regularly and just wasn't widely publicised. eBay and PayPal (owned by eBay) are very pro-buyer and anti-seller. eBay requires sellers to accept PayPal, and PayPal requires sellers to offer refunds. Sellers also can no longer even leave negative feedback for buyers. If a buyer wants to defraud a seller it's very easy--no cleverness needed. Like most security problems the solution is not simple.
There's not much clever about this: it's a fairly straightforward theft, except that the victim has the thief's contact details. There isn't enough here to send the thief straight to prison, but there's certainly enough to open a criminal investigation, and if the rest of his plan is as dumb as this part, he's got little chance of getting away with it.
Some IT purchasing departments have has so many "brick-in-the-box" incidents that they keep a video camera to film the unboxing.
The hole in the system that's being exploited here - and all over the place elsewhere - is that although we have a trusted third party (the shipping company) provide confirmation that the thing was sent and/or delivered, there's no trusted third party checking that the contents of the box is what it was represented to be.
Maybe there's an opportunity here for the shipping companies to go beyond just delivering boxes and getting signatures for them.
I used PayPal exactly 3 times. At the time it was how long they would let you use a credit card to pay. After that they demanded a linked bank account to be able to use a credit card. It didn't make any sense to me. After a bit of research, the reason they do that became obvious. Since they are not affected by the same laws that regulate credit cards, once they have your permission to make transactions in and out of your bank account without requiring your signature, they no longer need to worry about credit card conflict resolution. Just go into your account and take what they want. I am not sure why anyone would allow a third party to take money from their account but they do.
To those who think that the delivery company is defrauding the boxes, consider this:
While theft may happen from time to time, the volume of packages that flow through the shipping hubs is quite large (several hundred thousand per hub, I'm sure). Moreover, vast amounts of the packages are worthless materials being sent (think business, law and financial documents that have little to no useful information). Then, consider the time required to open boxes discretely combined with the chance of actually finding something worthwhile and small enough that you could stow away without any of the numerous cameras catching you.
With all of those considerations, the chances of theft via the shipping company rapidly diminish as it becomes increasingly hard to find something worthwhile, small and easy to conceal.
"While theft may happen from time to time, the volume of packages that flow through the shipping hubs is quite large"
Your thinking of the wrong place. Thefts are most likley to occure at/from the end points.
The person driving the pickup / delivery vehical has local knowledge, the time and the ability to flip the boxes to check for content.
The pickup guy does not have to steal the box or the contents, he just has to let an acomplice in the delivery area know.
Lets assume you pick up from Mega Electronics Import's Internet order dispatch warehouse. Some of those boxes will say on the outside what they are (think the last time you purchased a TV or home white goods)
As you check down the list with the company dispatcher you can see if there is a package going to Slumville County where your cousin lives.
If you have one of those handy scanner pens that read in a line of text it would be the work of a moment to scan in all the Slumville county addresses for "interesting" packages.
Your cousin can then sell on the info to the local neardowells in Slumville County. They can either intercept the package (there are many ways to do this) or break into the delivery address a few days later and steal it (if they get the box packing and manuals then it makes the re-sell price a lot lot higher).
i see UPS and FedEx here all the time either leaving their trucks open, or transferring boxes from one to the other (always using the same location!)
besides being a traffic hazard (they park right before/after a crosswalk) it's a security risk:
how easy if one had a good zoom lens (like paparrazis) - you see the barcode, the shipping address, and even the printing on the boxes so you know what's inside!
For better or for worse, when there's a dispute in an online transaction, the merchant is almost always the one holding the short end of the stick.
"but sellers (certainly professional ones) have a greater reputational risk."
True. But sellers also have much greater upside.
If this was such an organized operation, drivers would be busted left and right for letting so many of their packages be pilfered or lifted outright.
I keep on receiving emails in my hotmail account from the United Nations dude called "Ban Ki Moon." They needs "moneys!"
Should I give them what they ask for Bruce?
"If this was such an organized operation, drivers would be busted left and right"
That depends on what you mean by organised and how you measure it.
Lets say you lose 10 packages a month (or one every three days).
If that is out of 3 packages a day then that is significant (~11%).
But what if it was out of 600 a day (~.055) that is getting towards the noise floor of misdirection/misaddressing of packages for many enterprises.
Have a look at what the U.S. Mail, U.K. Post Office and other countries National/Government Mail services lose/misdirect as a % of items carried.
Although the likes of UPS TNT FedX and others have much better figures they are by no means perfect.
However they do have extensive tracking systems which have cost an arm and a leg to put in place but stuff still goes missing.
I occasionaly work for a small company and due to the losses they have had via comercial carriers, unexpected small parcells are opened infront of the couriers agent and two other witnesses. And they still get a couple of "newspaper stuffed" packages a year, and something like twenty or thirty misdirected/misaddressed packages with around five never getting delivered.
So my gut fealing is that definate fraud theft runs at around 10% of misdirects for fraud, and 15-25% for possible theft from misdirects. The misdirects run around 3% of packages.
However when you look at the possible theft numbers in terms of dollar loss then they tend to be higher value items and that figure goes up an order of magnitude. Which is why I call them possible thefts not lost packages.
Your mileage may vary but ask around companies that supply high value small electronic items such as mobile phones losses in transit represent a sizable chunk of the somewhat slim profit margin.
Oh and go and have a look at the figures for other high value items such as credit cards and passports. I think you will find the figures a bit of an eye opener.
There's a simple method that could have avoided this, but it requires 2 checking accounts and a bit more work. If you are a "professional" Ebay seller and you don't do this you're asking to be scammed and I have little sympathy for you.
The way it works is you have 2 checking accounts. Your primary checking account is the one you use day to day and is a normal account. Your secondary account is tied to PayPal and is locked down by the bank. They can do this if you ask them. They basically put a fraud alert on your account, effectively making it a black hole for money. Deposits still work, but all withdrawals are refused.
Every night you empty your PayPal account into your checking account, and every afternoon/evening (after the time of day all transactions are processed at your bank) you go down to your bank and have all funds transfered from your secondary checking account to your primary account. This is a bit of a hassle but the bank should do it. If not, find a bank who will. My bank would so I know they exist.
Now, assuming this scam happened to you, the following chain of events would happen:
1. Item purchased by thief, money transfered from thief's PayPal account to your PayPal account.
2. Item shipped, money transfered from your PayPal account to your secondary checking account.
3. Item received by thief. Thief reports to PayPal that item is destroyed. PayPal tries to pull money from your account for a refund AND CAN'T!!!
4. There is no 4 because the whole scam has been brought to a screeching halt. There will be no overdraft fees because your account is frozen, and there will be no bounced check fees because an electronic funds transfer can't bounce. Just make sure there's no hidden scams from the bank with BS fees for things like this. If the thief shipped back half the item sold, then you're actually ahead whatever that part of the item is worth. Now it's the thief who is out money, because I'm 100% sure PayPal would NEVER, EVER allow themselves to be the ones holding the potato when the music stops.
I had a PayPal account for a while and did exactly this, although I was more worried about the scam PayPal themselves were pulling at the time where they'd lock your checking account on you for whatever reason only they knew and seemed to be a highly sensitive trade secret the leaking of which would cost them hundreds of trillions of dollars apparently. I stopped using it and closed the checking account after reading one too many stories about PayPal fraud.
Another solution to this problem: DON'T. USE. PAYPAL. They are an unregulated bank, nothing more. Why the government hasn't forced them to register as a bank and be regulated as such is beyond me. They have to be one of the most profitable scams in history, second only to insurance. I have a very hard time feeling sorry for anyone who has been scammed while using PayPal. If Ebay only allows PayPal to be used for payment (that's what I've heard, I actually don't deal with them because they own PayPal and that makes them untrustworthy in my opinion) maybe it's time to find another online auction site.
I'm sure PayPal would scream bloody murder over doing this as it forces them to actually deal with a thief rather than tell the seller "It's your problem now." They will most likely terminate your account, but beyond that there's NOTHING more they can do. However, you would have also been saved whatever money you would have lost in the scam. I think it would be worth it. PayPal isn't the only money transfer service out there, and Ebay isn't the only online auction site. It would be their loss in the end, not yours. If more people started doing things like this these scams would come to a very quick stop because PayPal would be forced to actually do something about them.
Sorry for the long rant, but it just gets under my skin that people allow themselves to be victimized like this.
Your strategy is a cute one, but that means the seller can't use PayPal again -- so it doesn't work in the long run if you're an active eBay/PayPal user.
I actually had something very similar happen. Weeks after I got paid for some programming, the buyer decided to jerk me around and did a chargeback for $2000 or so. PayPal just put my account into negative and threatened to sue. Even after the buyer recanted, it took several months for the chargeback to be undone and my PayPal account restored.
Meanwhile, the money I did have left in the account (under $100) was inaccessible, as would be any other inbound money. So it's not really that safe if you're using it often.
And no, I don't use PayPal anymore :).
Like Michael I would not use Paypal ever again.
I have friends who have been stung by Paypal and to be quite honest I don't know who is more dishonest, the crooks that steal directly or Paypal's marketing and legal departments.
Most people who have had problems with Paypal have noticed they are very very quick to take money but very very slow to repay it (to the point where a friend started legal procedings against them).
The obvious conclusion is that they do it deliberatly as a mater of business policy presumably to maximise any "overnight" interest etc.
There are better financial models out their but the likes of E-Bay etc say they are "riskier" which again brings ito question their usines ethics.
I guess it's a case of "you pay your money and you take your choice".
The seller is screwed. Neither eBay nor PayPal have any interest in fraud that is facilitated through their services.
There was a punk in Toronto pulling a scam, he would buy an item, pay for it through PayPal, and then claim that the product was damaged and get a refund.
I was a victim of this, and did everything I could
- went to police fraud squad, useless
- contacted eBay, useless
- contacted PayPal, they sided with the criminal
Through all this, I managed to find 5 other people in the area that had been ripped-off by this same scumbag, and even with *that* information and a combined effort, neither the police, eBay or PayPal took any interest.
Ebay has a busted it's basic reputation system - so you can't rely on it.
It has generally taken the attitude that it's between buyers and seller - we are just putting them in touch with each other, but that pay-pal claw back changes everything.
Paypal appears to have been a great purchase - but it has destroyed ebay!
It seems to me that the risk should always lie on the side of the business, not the customer. Any business or sales channel that leaves all of the risk in the customer will soon see itself have no customers.
This is what happened with DRM. The RIAA pushed all of the risk on to the customer. Then a couple of DRM schemes failed or stopped working, and customers lost what they paid for. The other merchants decided they needed to take back that risk and stopped forcing DRM on their customer base.
Has anyone ever sent a phishing email posing as Bruce, Counterpane or BT?
I was one of the lucky winners with PayPal a long time ago when it was US-only. I set up an account using US details, then moved it to NZ. Which was fine. I bought a bunch of stuff over time, also fine. Then one day someone paid me, and I tried to get the money out. According to PayPal that's fraud. So I probably still have ~$US500 in a PayPal account that I can't access.
eBay tried the "must use PayPal" scan in Australia and the anti-monopoly people told them to stick it. While it was in place I noticed a bunch of "don't accept PayPal, that's just because eBay insists" comments on items for sale. Also a boost to Craigslist traffic.
My dilemma is this. I sold a $175 item to a Buyer (they paid with Paypal) who says it never arrived-i sent it UPS & so i had tracking info, but the Buyer didn't purchase Insurance. They pressured me for a refund, which i did not give, BUT, because i am a UPS account holder, UPS gave me $100 towards the lost package, which i sent to the Buyer via Paypal. NOW the Buyer has also filed a chargeback with their credit card & gotten the whole $175 back, PLUS the extra $100 i gave them & Paypal is threatening to take the $175 from me if they lose their fight against the credit card company. I have provided all sorts of details, proof & reports to support my claim, but i fear Paypal will end up ripping the money away from me anyway. Hell, this person could have the item as well. What is a good next move?
My bad experience with PayPal was as an eBay buyer. The item was not as advertised. PayPal would only refund after the seller received the returned item. I was out the shipping cost with no item!
Laurie, I recommend Small Claims Court as the next step.
I had a similar type of problem, with a happier ending.
I bought an 8 GB SD card on eBay (then, about $80); the seller shipped a 2 GB card (then, about $20). I sent email to the seller, no response. I used eBay to communicate with the seller, no response. I filed a claim with PayPal; they didn't hear from the seller either. They told me I had to ship the item I got back, using a trackable method, at my own expense and I would not be reimbursed for the shipping cost; after it arrived, they'd decide what to do. I told them that was unacceptable, and they just closed the file and did nothing.
Fortunately, all that took only about a month, so I still had plenty of time to file a chargeback with AmEx. PayPal didn't even try to dispute it.
Why does obtaining a ebay free kit require information on your financial situation. How much you make and how far indebt you are in, etc????
I have bought and sold on Ebay for 10 years, but actually have bought 100 times more often than I have sold. I have always been very careful about the sellers and buyers especially their feedback. Despite that I have had several bad experiences but they all involved low $ amounts luckily. Ebay has said from as far back as I can remember that they " are just a vendor " and are not really responsible for anything that goes on with buyers and sellers. That is their " out " to make billions and not take any action to help you. I believe that owning Paypal is anti-trust and I cannot figure out how they are getting around this except that their executives and Meg Whitman all have political friends in California government. That really can be the only major reason combined with perhaps some little loophole they found in the law. People are quick to forget that good ole Meg is a billionaire, NOT millionaire, due to profiting from Ebay. There needs to be a class action suit put together ( a new one ) regarding their policies and the double dipping that comes from collecting an Ebay fee and Paypal fee on the same transaction. Also just a mention to the post from expaypal, you are incorrect about banks not charging on declined electronic transactions, I have had WAMU ( now Chase ) for many years and they have always charged an overdraw fee on ALL transactions to me and everyone else I know who had them, and prior to that Wells Fargo and Cal Fed did it too. Oh and what are you referring to ( George ) about the Ebay Kit? I am curious.
Do not get me started with SleazeBay. Last night they suspended me. Why? Well, let me tell you a story. We receive free internet in our building so someone in my same building who also dabbles on Ebay, was suspended. Guilt by association is what Ebay says. The other person in the building got an unpaid strike against him even though he paid and his seller left positive feedback. But, Ebay tells him if the seller doesn't remove it, there's nothing SleazeBay will do. As if that wasn't enough, Ebay told my seller (for an auction I just won) to file an unpaid strike against me because I was possibly a criminal.
I HATE THIS Rack of Thieves. And yet.... they get away with all of it!!
Thanks for the eye opener on PayPal and Ebay. I had cheap item fraud with a large volume seller. Her 98.9% is reflective of volume ONLY because her negative feedback (6 in 1 mon) was strikingly similar. She sends wrong sizes and lies about measurements. PayPal lets you comment BUT not respond to the seller's refute (mine lied repeatedly). PayPal runs a claims service based on limited contact without resolving fraud issues.That is, if you send the seller, out of your pocket, back their item for a refund, they get to sell it again. You are out of return shipping.
I forgot to add that perhaps anything less than 99% for a large volume seller is undesirable. Neutral ratings and even some positive ones should be checked before buying because some of them are telling (hindsight). As for shipping fraud, a major moving company has the shipper sign the tape over the high value content box opening. At delivery, the same shipper has to ID the unbroken,signed seal and check contents in front of the driver.Two different people shipping is another story though.
Shouldn't this fraud (in the original story) be detectable by comparing the package weights? UPS freight charges are based on weight, so UPS should have a record of the weight of the original package and of the return package. The return package should be several pounds lighter, right?
I find it interesting that eBay provides no interface for finding negative feedback except by scrolling through lists manually - so for large volume sellers, that small percentage of negative feedback is impossible to find.
1. Received bad goods from seller - he promised (in writing) to replace. After 30 days (no replacement) he stopped answering emails. I complained to Ebay/PayPall - they told me tough nuts it's outside the 30 day complaint period. I had my CC company reverse the charges - the bastard seller had the balls to complain to PayPall who got on my case about it - I told then tough nuts Jack you had your chance and blew it. End of story.
2. Had a "second chance" offer from a vendor on an item that I'd bid on but not made the winning bid. I bit and ordered the item. Never srrived, no evidence that it ever shipped. Raised a dispute with eBay - no satisfaction. So I left NEGATIVE feedback. Checking recently the negative feedback has been REMOVED from the seller. I complained to eBay - NO RESPONSE.
3. WHen old Meg Whitman was in charge I took the time and trouble to complain to her TWICE of eBay/PayPall practices - NO RESPONSE (when the boss doesn't give a tinker's damn about clients the Indians can only follow). BIG WHOOP SURPRISE.
Needless to say I no longer have a PayPall account and VERY SELDOM even look at the eBay site any more (it used to be the go-to place back in the day...before BIG Business and Meggy screwed it up).
EBAY/UPS coordinated scam. I lost $17, 000 and my credit rating damaged over this fraud. Thief either purchases from inside Ebay employee a dormant member ID. The member usually has not bought or sold for a year, has 100% Positive feedback and is not monitoring their account, or maybe are dead. That is why I believe a Ebay employee is involved. The Thief contacts you (the seller) and is interested in your gold watch. You see 194-Positive Feedbacks and consider it is real. The thief claims they no longer use PayPal and suggest COD. You are not stupid enough to mail a $17, 000 item COD, unless the funds are 100%protected. You contact UPS and are convinced they are able to Guarantee that their driver will only accept US Postal Money Orders if you ask. You understand USPMO are like cash so agree to ship the watch. The buyer normally offers a price close to your asking price and mine said he would add $250 shipping credit. UPS charged me $329.90, all but $91 going for insurance, explaining the insurance protected me. The UPS clerk Guarantees me the driver instructions will exclude Cashier's Checks and Money Orders, COD=$16, 750 GUARANTEED. I ship the watch, being told the most I can lose is shipping if the buyer cannot produce the US Postal Money Orders. Tracking indicates the watch has been received and paid for so the thief calls me, tells me the watch is great and that he has left me a positive feedback; could I leave him one?Knowing my funds are secure I leave a feedback and start getting calls from Ebay members, indicating he wants to purchase their watch. I am confused, but believed my funds are secure. 13-days later I receive a child-like fake Cashier's Check, and are notified several other members lost their gold watches to the same guy, same address, same style check. The UPS driver accepted horribly poor checks from a man standing in front of a residence (not his) in a snow storm, for $56, 000. I strongly contend the driver was involved in the scam. UPS will pay nothing, saying the US Postal Money Order "thing" cannot be proved by me, and the Cashier's check, with no Water-marks, Black-line, State of Origin or even Check Number, passed their Facial Validity. Ebay can no longer be trusted and UPS is running Driver Scams. So I pay thousands to a attorney, Ebay is moot and UPS is now working with high-end fraud schemes.
hi reading the post comments about ebay/pay pal and their and the way they treat ebay buyers and sellers do they offer any kind of protection for buyers.if a few people purchase expensive item's from a seller on ebay.and the item turns out to be bogus crap paid by way of pay pal.what happens do ebay or pay pal refund our money.will the crook get lock up will they make the crook pay our money back.what be the process.i have purchase items from ebay never had a problem but i have heard people do after reading people on here stories i just wander.
Richard Best Advice I Can Give Is NEVER EVER Buy Anything Expensive From GreedyBay
I bought an item on ebay for 10 usd and was charged 100 when i refused to pay for it I got not only a bad feedback but my account was suspended then this seller who had a credible feedback offerd a $2500 IMAC for $1200 I averted Ebay of this activity and had no response 3 buyers were defrauded people need to hold ebay responsible for there blatant disregard for there own rules even Rome crumbled after 4000 years of dominance and so to the fall of Ebay and PayPal
EBAY follow-up on the $17,000 watch purchased through Ebay and given away by the UPS driver.
My watch appeared on EBAY several months later. There were less that 300 of these Gold watches produced in 2001 as a collectors item, nationally.
I contacted the seller, who would not co-operate when I simply requested the Serial #, as the watch was registered to me. After the second request, and a note to Ebay my stolen watch was likely listed, I was notified to never contact the seller again. Ebay failed to stop the sale, notify the authorities and told me to "back off!"
I then had my sister, that actually lived within 50-miles of where the watch was being sold, email the seller and ask if she could see the watch before purchasing it. After a luke-warm response, the sellers would no longer answer her emails.
Ebay failed in every way to help me recover my stolen property, allowing it to be listed and sold on their site. As you might already perceive, it was a very upsetting experience.
Had I not been totally assured by the UPS shipper that their driver would honor my request for only USPS Money Orders, requiring the thief to create 17-$1000 checks and 1-$750 check, this would have never happened. After almost a year of research, most UPS drivers are hard working and do their job, but in my case, the driver was involved in scamming $56,000 worth of Rolex and Breitling watches and is likely working today. I assume the thief had previously worked for UPS, knew the rules and likely knew the delivery driver.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.