|
The simplicity of bypassing a so called security check has been always a challenge of the creative earner. I have seen last week how many Dutch Foundations where cheated through Paypal not so long ago
1 The website or organization receives a letter from a person who wants to donate money to them. But they first want to test it with 2 small transactions cause they are not sure if the organization or website is valid.
2 the webmaster of the site thinks that is OK and received indeed 2 small transactions on his bank
3 the person contacts the website again and asks if the 2 transactions arrived OK, the webmaster of the site says yes, and tells the 2 amounts he received. ( without him knowing he forwarded very sensitive information )
4 the person who was planning to donate now has access over the person his bank account by simply cheating the paypal system.
the donator in this situation made a another paypal account with the found info of the organization behind the website he cheated. Requested a bank verification, used the organization her numbers, gets the 2 small digit amounts from the website by described above little cheat. And then owns a paypal account with a verified bank account and can do transactions and clean out of the organization her account.
A lot of organizations where robbed, but Paypal decided to give the money back to the victims. Yet they state again on television, never give information to anyone, but there will be always people who do not read this forum.
A so on first eye looking secure system, can still be cheated with if you are creative. Bad world we live in
|