Yesterday, I was out and about. I came home, and I checked my email randomly and I had two receipts from Paypal dating that day (5/16) and I had definitely not ordered anything from Paypal. I checked my Paypal account and there were two orders made, that I didn't do. I changed my password, but by the time that was done with, there were three more transactions done. I knew I was in pretty <cbs>, but whatever. He bought a bunch of WoW gold on it, about 200 dollars worth.

So I changed my password, and filed an "Unauthorized account Use Claim" with Paypal, and also called them. The guy I spoke with said Paypal caught it and realized something was fishy, and they halted all transactions (put temporary holds on them) and that he was going to send me an affadavit just in case I got any overdraft fees, I could take that to the bank and the fees would be waived. I never got the affadavit, for the record.

I thought everything was okay, but when I looked at my email today, it said this:


We have completed our investigation of your case and, as there is
insufficient evidence in support of your claim, we have denied your
Unauthorized account Use Claim.

And all the transactions went through, and I have overdraft fees to the bank.

We called Paypal and explained the situation, and they basically said that they had investigated it, twice, and their conclusion both times was that it was a, ugh, I forget what it was called, but they basically said that I really did make the transactions, that I'm lying, or that someone broke into our house and used my computer to make these transactions (nobody was in the house at the time of the transactions). They are saying this because the range of ip addresses that they logged match mine. They are saying that they can't reimburse me at all, that there is no "protection" in this case.

I'm looking through my emails that I got that day and there's not a whole lot there. What I do know is that he has my address, my name, my credit card information (we shut down the account), my ip, my phone number, and my email address. Basically I'm a victim of identity fraud at the moment.

We have a laptop that is secured by WEP, but according to my friend, WEP can be cracked in about 8 seconds, but usually the whole thing about it being secured scares off some hackers. Could a neighbor of mine have hacked the connection and done all his dirty work on his computer, but being masked because he's on our connection?

I ran Ad-aware, Spybot, and AVG Free and there were no keyloggers or viruses or anything. So I ruled that out. The only other thing I can think of is that I had brought both my PC and the laptop to a friends house of mine, a family friend, who fixed the laptops wireless connection up and we lanned later that night, but could he have used my ip as a proxy and done this? I know he didn't, but just hyopthetically speaking.

I'm really leaning toward the fact that its one of my neighbors that jumped my connection and did his dirty work there.

The next thing: what can I do about it? To get the money back and then to secure my identity again? I'm a bit uneasy with this whole thing at the moment. We're going to call the police tommorow and contact a lawyer to deal with Paypal, and we're going to get a subpoena to have them release the information on the investigation. But really, what can I do?

Also, we apparently spoke to the head customer service woman of Paypal and she basically said that Paypal can't do anything and its our deal. She was a <cbs>

Sorry for the long windedness...but any help/advice is appreciated.

You're on a wireless router, eh?
It doesn't even have to be a neighbor, it could be a "friend" that parked near your house when they did this. How much was spent all together and what is WoW gold?

You're on a wireless router, eh?
It doesn't even have to be a neighbor, it could be a "friend" that parked near your house when they did this. How much was spent all together and what is WoW gold?

Ouch sorry, I copy and pasted this from a forum where they all play WoW.

WoW is an acronym for World of Warcraft, a massively multiplayer online role playing game. You can buy their in-game currency for real life cash, if you so desire, though its against the EULA (end user license agreement.) About 200 bucks was spent in total.

I'm not on a wireless router myself, I'm wired, as are all computers are in my house, minus the laptop. The router is broadcasting a wireless signal to the laptop, however.

ive always been afraid of something like this, as i do my fair share of ebay/paypal transactions. hopefully everything works out for you.

Ouch sorry, I copy and pasted this from a forum where they all play WoW.

WoW is an acronym for World of Warcraft, a massively multiplayer online role playing game. You can buy their in-game currency for real life cash, if you so desire, though its against the EULA (end user license agreement.) About 200 bucks was spent in total.

I'm not on a wireless router myself, I'm wired, as are all computers are in my house, minus the laptop. The router is broadcasting a wireless signal to the laptop, however.
Sounds like one of your friends has hacked you. Start asking questions among anyone you hang out with and has been to your house, chances are that someone else knows and definitely notify the police. $200 is a misdemeanor theft, so you aren't going to be able to do much.
Good luck man.

Sounds like one of your friends has hacked you. Start asking questions among anyone you hang out with and has been to your house, chances are that someone else knows and definitely notify the police. $200 is a misdemeanor theft, so you aren't going to be able to do much.
Good luck man.

Yeah, its not so much the $200 dollars, its that someone knows all my information, lol.

Thanks for your help. I'm really leaning towards the fact that its one of my neighbors, because none of my friends have been over for a while. We'll see.

With a wireless connection it depends on the key size you're using. It can be cracked but not by anyone. Even if they did get through your wireless lan, how did they get the credit card info is the question I have. A lot of ISP's share IP addresses especially the larger ones. You should see if they (paypal) know the mac address of the computer that made the purchases. That address is associated with the NIC (Network card).

With a wireless connection it depends on the key size you're using. It can be cracked but not by anyone. Even if they did get through your wireless lan, how did they get the credit card info is the question I have. A lot of ISP's share IP addresses especially the larger ones. You should see if they (paypal) know the mac address of the computer that made the purchases. That address is associated with the NIC (Network card).

Paypal wouldn't release any information to us except that they investigated it, and the result of the investigation. We're going to get a subpoena and mail it to them though, so they will release it all to us. I'll look into the MAC address, that sounds real interesting.

Thanks everyone :)

this happens to people all the time. and if youre not gonna be able to recover the 200 bucks its not worth even investigating into dealing with police and lawyers. itll just cost you more in the long run. people steal CC numbers and make purchases all day long online. especially from sites like PayPal and some go straight to the CC companies database. i used to know people who did this on here and i could probably find a few more no problem. these websites can say theyre secure but theyre absolutely not and anyone who believes they are is a fool. just make sure you cancelled that CC along with your paypal account...

Sounds like one of your friends has hacked you. Start asking questions among anyone you hang out with and has been to your house, chances are that someone else knows and definitely notify the police. $200 is a misdemeanor theft, so you aren't going to be able to do much.
Good luck man.

the theft is only a misdemeanor, but the identity theft is usually a higher penalty, especially if the transaction crossed state lines, then it's a federal offense.

Really sorry to hear that one amigo. The only advice I can give is to be uber deligent and don't give up pursuing it.

the theft is only a misdemeanor, but the identity theft is usually a higher penalty, especially if the transaction crossed state lines, then it's a federal offense.
Yeah but 200 bucks ain't gonna get much diligence from the police and it definitely isn't worth hiring a PI or a lawyer for. Best to put it in the hands of the credit card company, they can be quite helpful sometimes.

Yeah but 200 bucks ain't gonna get much diligence from the police and it definitely isn't worth hiring a PI or a lawyer for. Best to put it in the hands of the credit card company, they can be quite helpful sometimes.

exactly what i was trying to say, is it worth paying lawyer fees and stuff over 200 bucks? nope. and youre right the CC company might be able to do more than paypal is willing to do as far as not having to pay for 200 bucks worth of something you didnt charge

My guess is that someone, either a neighbor or someone who parked near your house was able to get your internet connection that was wireless. Do you know if you have a password on your connection, because I know that my old router did not have a password, and that I could get the connection from my friend's house.

All your identity are belong to us!

All your identity are belong to us!
:lol1:
Actually, an idea just popped into my mind. Try to contact the people at Blizzard (makers of WoW) and see if you can find out who received a massive amount of gold in WoW. If you can get them to track that IP address from the player who bought the gold, you got your criminal.

With a wireless connection it depends on the key size you're using. It can be cracked but not by anyone. Even if they did get through your wireless lan, how did they get the credit card info is the question I have. A lot of ISP's share IP addresses especially the larger ones. You should see if they (paypal) know the mac address of the computer that made the purchases. That address is associated with the NIC (Network card).

i though the MAC was on the cable modem? And that ip stuff shouldn't fly, broadband connections generally use dynamic ip addresses (well maybe it can if you havent reset your cable modem lately). And like h2s said if it was one of your neighbors, how would they know all your information? The whole thing is really fishy.

:lol1:
Actually, an idea just popped into my mind. Try to contact the people at Blizzard (makers of WoW) and see if you can find out who received a massive amount of gold in WoW. If you can get them to track that IP address from the player who bought the gold, you got your criminal.

uhh... that aint gonna happen lol

My guess is that someone, either a neighbor or someone who parked near your house was able to get your internet connection that was wireless. Do you know if you have a password on your connection, because I know that my old router did not have a password, and that I could get the connection from my friend's house.
Of course he does thats what WEP is.

i though the MAC was on the cable modem? And that ip stuff shouldn't fly, broadband connections generally use dynamic ip addresses (well maybe it can if you havent reset your cable modem lately). And like h2s said if it was one of your neighbors, how would they know all your information? The whole thing is really fishy.They are tied to the NIC. I can specify to my router which MAC addresses to allow. It's an added security feature along with a secured wireless network.

Somethings to consider when using a wireless router. I do these.

Make sure you use WEP or another form of security. Use the largest key possible when doing it.

Don't broadcast your wireless network name.

Specify mac addresses of the computers you want to have access.

These are standard and can help. The one most people don't use is the "not broadcasting your network name". It's a simple turn on/off feature.

You can also get a router with a built-in firewall as well as the firewall on your computer.