Jump to content


  • Tweets

  • Posts

    • Update 15th March the eviction notice period expired, and I paid my next month rent along with sending them the message discussed above. After a short while they just emailed me back this dry phrase "Thank you for your email." In two weeks' time I'm gonna need to pay the rent again, and I have such a feeling that shortly after that date the contracts will be exchanged and all the payments will be made.  Now my main concern is, if possible, not to end up paying rent after I move out.  
    • they cant 'take away' anything, what ever makes you believe that?  dx  
    • The text on the N1SDT Claim Form 1.The claim is for breaching the terms and conditions set on private land. 2. The defendant's vehicle, NumberPlate, was identified in the Leeds Bradford Airport Roadways on the 28/07/2023 in breach of the advertised terms and conditions; namely Stopping in a zone where stopping is prohibited 3.At all material times the Defendant was the registered keeper and/or driver. 4. The terms and conditions upon  entering private land were clearly displayed at the entrance and in prominent locations 5. The sign was the offer and the act of entering private land was the acceptance of the offer hereby entering into a contract by conduct. 6.The signs specifically detail the terms and conditions and the consequences of failure to comply,  namely a parking charge notice will be issued, and the Defendant has failed to settle the outstanding liability. 7.The claimant seeks the recovery of the parking charge notice, contractual costs and interest.   This is what I am thinking of for the wording of my defence The Defendant contends that the particulars of claim are vague and are generic in nature which fails to comply with CPR 16.4. The Defendant accordingly sets out its case below and relies on CPR r 16.5 (3) in relation to any particular allegation to which a specific response has not been made. 1. Paragraph 1 is denied. It is denied that the Defendant ever entered into a contract to breach any terms and conditions of the stated private land. 2. Paragraph 2 and 4 are denied. As held by the Upper Tax Tribunal in Vehicle Control Services Limited v HMRC [2012] UKUT 129 (TCC), any contract requires offer and acceptance. The Claimant was only contracted to provide car park management services and is not capable of entering into a contract with the Defendant on its own account, as the car park is owned by and the terms of entry set by the landowner. 3. It is admitted that Defendant is the recorded keeper of the vehicle. 4.  Paragraph 6 is denied the claimant has yet to evidence that their contract with the landowner supersedes  Leeds Bradford airport byelaws. Further it is denied that the Claimant’s signage is capable of creating a legally binding contract. 5. Paragraph 7 is denied, there are no contractual costs and interest cannot be accrued on a speculative charge.   I'm not sure whether point 4 is correct as I think this side road is not covered by byelaws? Any other suggestions/corrections would be appreciated.
    • Dear EVRi parcelnet LTD t/a evri   evri parcelnet isnt a thing also you say defendant's response which is a bit of a weird format.   Something like   Dear EVRi, Claim no xxxx In your defence you said you could not access tracking. Please see attached receipt and label Regards
    • Welcome to the Forum I have moved your topic to the appropriate forum  Residential and Commercial lettings/Freehold issues Please continue to post here.   Andy
  • Recommended Topics

  • Our picks

    • If you are buying a used car – you need to read this survival guide.
        • Like
      • 1 reply
    • Hello,

      On 15/1/24 booked appointment with Big Motoring World (BMW) to view a mini on 17/1/24 at 8pm at their Enfield dealership.  

      Car was dirty and test drive was two circuits of roundabout on entry to the showroom.  Was p/x my car and rushed by sales exec and a manager into buying the mini and a 3yr warranty that night, sale all wrapped up by 10pm.  They strongly advised me taking warranty out on car that age (2017) and confirmed it was honoured at over 500 UK registered garages.

      The next day, 18/1/24 noticed amber engine warning light on dashboard , immediately phoned BMW aftercare team to ask for it to be investigated asap at nearest garage to me. After 15 mins on hold was told only their 5 service centres across the UK can deal with car issues with earliest date for inspection in March ! Said I’m not happy with that given what sales team advised or driving car. Told an amber warning light only advisory so to drive with caution and call back when light goes red.

      I’m not happy to do this, drive the car or with the after care experience (a sign of further stresses to come) so want a refund and to return the car asap.

      Please can you advise what I need to do today to get this done. 
       

      Many thanks 
      • 81 replies
    • Housing Association property flooding. https://www.consumeractiongroup.co.uk/topic/438641-housing-association-property-flooding/&do=findComment&comment=5124299
        • Like
      • 160 replies
    • We have finally managed to obtain the transcript of this case.

      The judge's reasoning is very useful and will certainly be helpful in any other cases relating to third-party rights where the customer has contracted with the courier company by using a broker.
      This is generally speaking the problem with using PackLink who are domiciled in Spain and very conveniently out of reach of the British justice system.

      Frankly I don't think that is any accident.

      One of the points that the judge made was that the customers contract with the broker specifically refers to the courier – and it is clear that the courier knows that they are acting for a third party. There is no need to name the third party. They just have to be recognisably part of a class of person – such as a sender or a recipient of the parcel.

      Please note that a recent case against UPS failed on exactly the same issue with the judge held that the Contracts (Rights of Third Parties) Act 1999 did not apply.

      We will be getting that transcript very soon. We will look at it and we will understand how the judge made such catastrophic mistakes. It was a very poor judgement.
      We will be recommending that people do include this adverse judgement in their bundle so that when they go to county court the judge will see both sides and see the arguments against this adverse judgement.
      Also, we will be to demonstrate to the judge that we are fair-minded and that we don't mind bringing everything to the attention of the judge even if it is against our own interests.
      This is good ethical practice.

      It would be very nice if the parcel delivery companies – including EVRi – practised this kind of thing as well.

       

      OT APPROVED, 365MC637, FAROOQ, EVRi, 12.07.23 (BRENT) - J v4.pdf
        • Like
  • Recommended Topics

Ebay - Account breached


Matthew31
style="text-align: center;">  

Thread Locked

because no one has posted on it for the last 2577 days.

If you need to add something to this thread then

 

Please click the "Report " link

 

at the bottom of one of the posts.

 

If you want to post a new story then

Please

Start your own new thread

That way you will attract more attention to your story and get more visitors and more help 

 

Thanks

Recommended Posts

Hey, just wanting to know where I stand.

 

Let me start with saying i'm no newbie to computers and this wasn't a case of me giving away my login details via some [problem]/phishing email.

 

 

I have more than 20 years computer/internet experience under my belt and even have no use for anti-virus software (put it this way, I know to avoid anything which might gain me a virus and know the system registry and background tasks like the back of my hand).

 

My ebay account has been up and running for just over 15 years without a problem.

 

eBay has always been fine for me.

 

 

To cut it short, the past few days the money in my bank didn't quite add up.

Something was pending for £30. I guessed it might just be their systems catching up.

 

I had a look at my eBay account and shocking to me was a purchase done a few days ago for a computer game priced at £30.

 

I knew it wasn't me or anyone else I knew who made that purchase.

Some cheeky sod has well and truly defrauded me out of money.

 

 

They bought the game (which includes a download code and a disc).

 

 

They read the eBay inbox message with the download code,

redeemed it and got the disc

(which is useless as the code has been redeemed)

dispatched to my old address that was still saved on my account.

 

They even tried to hide the fact by paying for it,

not out of my linked PayPal account direct

(which shows on my PayPal account transactions),

but via my debit card saved on my eBay account

(that processes through PayPal but doesn't show up in my PayPal transactions history).

 

 

The only way I can imagine this happened was because of ebay's 2014 data breach and now how frequently they require someone to change their password. About a week ago I logged into my eBay account (via a typed address) and was forced to change my password. My current password was secure (7 digits long, 2 capital and 1 non capital letter), but as I would struggle to remember another similar password, I used a basic password I used to use 10 years ago. It's possible that login/password combo was saved by a bot all those years ago and was detected as being my new password and the account was accessed.

 

 

Where do I stand now?

 

It shows on my bank account as card payment to paypal. The bank have cancelled my card and i'm guessing they could do a chargeback that will likely cause me fees with PayPal and a suspended account.

 

Will PayPal/eBay refund this? Considering the voucher would have been redeemed by now.

 

Thanks

Link to post
Share on other sites

First report to Action Fraud which i think you can do online

 

Second report to Ebay and ask them what they can do to help.

 

You don't want to do any chargeback, as you will just get Ebay treating you as a debtor. Ebay won't refund, unless there is any evidence of them being at fault.

 

Before you do the above. If you think about this, why have you been targetted in this way and only for £30. You need to check with Ebay to make sure no other attempts to use your details have been made. Have you ever given away an old computer/laptop to a friend/relative or sold/traded in an old one ? Have you ever used someone elses computer to use Ebay and have forgotten about it ? I have a gut feeling that this is not an Ebay hack, but it might just be someone has used an old computer you have used for Ebay and they have found your Ebay log in. To test it out, they have made a £30 purchase. If it were a criminal, i suspect they might have made a higher cost purchase or this was just a tester with more transactions to follow.

We could do with some help from you.

PLEASE HELP US TO KEEP THIS SITE RUNNING EVERY POUND DONATED WILL HELP US TO KEEP HELPING OTHERS

 

 Have we helped you ...?         Please Donate button to the Consumer Action Group

 

If you want advice on your thread please PM me a link to your thread

Link to post
Share on other sites

Thank you for the reply.

 

The thing is, I only had that much left in my bank so it was the only thing they could take.

 

The only thing I can imagine it being is a few years ago I lost my mobile phone. It didn't have a lock on the screen. It was reported to my phone provider and all they could do was cancel the sim. I think this was linked to my google+ account (Which stores passwords and updated passwords).

 

If someone recently found this phone, charged it up and got into my eBay account, they might have made the purchase.

 

Whoever did it, knew what they were doing.

 

As soon as they got access to the account they changed the password and notification settings (So I wouldn't receive an email if they bought something).

 

Thank you, I will report it to actionfraud

Link to post
Share on other sites

I agree with UB.

 

I think you also need to be careful as you mentioned you have no need for antivirus software due to your computer knowledge.

 

I can appreciate what you are saying but how can you be 100% sure there is no infection in your device?

 

Are you using any protection on your device i.e. anti-spyware, firewall etc)

How to Upload Documents/Images on CAG - **INSTRUCTIONS CLICK HERE**

FORUM RULES - Please ensure to read these before posting **FORUM RULES CLICK HERE**

I cannot give any advice by PM - If you provide a link to your Thread then I will be happy to offer advice there.

I advise to the best of my ability, but I am not a qualified professional, benefits lawyer nor Welfare Rights Adviser.

Please Donate button to the Consumer Action Group

Link to post
Share on other sites

100% because I am an expert. Over 20 years experience and a wide computer knowledge. Viruses come in several forms including crypto (ransomware) and keylogger.

 

Anti-virus software is mostly just there as insurance. It allows people to carry on with their normal activities but gets them out of a potentially bad situation if they download something they shouldn't have.

 

The most common ways of compromising someones account these days doesn't even require the host system to download a virus. It's through the spoof emails people get that pretend to be from a certain company requiring them to enter their password. The user is then redirected to a page that looks exactly like the website (except the url wouldn't be correct) where they enter their password and the fraudster can then access their account.

 

The other is via dodgy email attachments that can either be keylogging software (tracks username and password entries, sends them back to fraudster) or ransomware (password encrypts the users most important folders like "my pictures" and demands payment within 48 hours for the code to unlock the folder again).

 

Even "hacking" doesn't exist on the scale it's mentioned in the media. Normally what happens is someone falls for a spoof email, they give their details away, end up becoming a victim to fraud and the report is along the lines of they were "hacked". Hacking these days is an overused term and really the only 2 ways of "hacking" that are common are DDos attacks (sending excess traffic to a website via many "host" infected systems) that overload servers so the website goes offline, and brute force hacking (running software that generates millions of password that tries each password until they get in). Although the brute force method is becoming more and more uncommon due to account servers only allowing a certain amount of attempts before locking the account or requiring CAPTCHA codes.

 

 

15 years ago I stopped using anti-virus software when my computer knowledge got to an expert level. Since all this software did was slow down my system with routine scans and never found any viruses.

 

Today, just to confirm what I already knew I downloaded Norton anti-virus. I have a premium licence that was included with my ISP package that I never used before.

 

I activated it, did a full system scan and the results as expected were no viruses were found. So the only ways this could have happened:

 

 

1) Someone found my long lost phone and got into my eBay account via the connected google account which automatically syncs any password changes.

 

2) The forced password change. As said, quite recently when logging into my account, I was forced to change my password due to when they were compromised in 2014 and user details were leaked. As I couldn't think of any new password I would remember, I changed it back to an old password I used to use. So maybe if that password was on the compromised list, someone might have tried it recently.

 

 

 

So far I have reported it to actionfraud and also to PayPal. PayPal have told me there is no unathorised activity logged on my account (and they even told me, that instead, if I am unhappy with the item I "purchased", I should contact the seller to arrange for a refund). Ebay have been very difficult to contact

Link to post
Share on other sites

The strange thing about any device used to make this payment to Ebay is that normally the 3 digit security code from the back of the card is missing in the relevant data field, so if someone gets hold of your device they can't make an unauthorised payment. They could guess, but difficult.

 

Ebay can confirm what data was used to make this purchase. If they interrogate the data, they might also be able to confirm what device was used to make the payment. When you process any debit card transaction online, loads of other data is sent and in these type of circumstances it can be useful.

We could do with some help from you.

PLEASE HELP US TO KEEP THIS SITE RUNNING EVERY POUND DONATED WILL HELP US TO KEEP HELPING OTHERS

 

 Have we helped you ...?         Please Donate button to the Consumer Action Group

 

If you want advice on your thread please PM me a link to your thread

Link to post
Share on other sites

>Pastebins of comprimised accounts from other websites that you are registered to

>Brute force using Rainbow tables

>Hidden software on your PC that an AV wouldn't pick up Norton is bad for this

 

An IT expert using this - "syncs any password changes," I don't understand why people use these save passwords options etc, if your browser, account or whatever you are storing passwords gets compramised then that's it they get all your saved passwords that can be exported to clear text using varities of free software.

 

For an expert you don't seem to demonstrate much care for a secure system. There are alot of optimized and well maintaned A/Vs out there that don't slow down your system or throttle your internet connection.

Link to post
Share on other sites

I'm sorry, but I must agree pixel, you make yourself sound quite tech "unsavvy" the way you are speaking.

 

For a tech, the absolute minimum is changing passwords often and keeping an up to date antivirus.

And there are many more ways of getting viruses on your pc than what you have quoted.

 

I'm sorry, but not changing passwords, not having any antivirus, not keeping tech secure and then not changing passwords after you have lost said unsecured tech is a fine way to fall foul of hackers /[problematic]/id thieves.

 

How do you know that a government website wasn't hacked, you then logged on their to do something and downloaded a virus from there without even realising.

 

Also, virus scanning AFTER an event is often useless as a lot of viruses will shred themselves to avoid detection once it has what it wants.

 

Personally, id write of the £30, get a decent antivirus and move on.

Link to post
Share on other sites

I agree with Grumpy and Pixel, to use a crude analogy it's like visiting a certain part of Amsterdam without a 'raincoat' because you know the signs, symptoms and transmission routes of STI's and think that the knowledge itself protects you. You've just been charged £30 to find out the hard way that your expert status offers no more protection from cyber crime than a cotton tshirt does during a storm.

My views are my own and are not representative of any organisation. if you've found my post helpful please click on the star below.

Link to post
Share on other sites

As it turned out, this breach wasn't anything to do with anti-virus, ebay or Paypal. It was to do with someone accessing my email account and using it to change my password on ebay.

 

What they did was accessed my email, set filters to incoming ebay and paypal emails so it's diverted to my deleted folder (So I wouldn't see any future emails from ebay in case they did flag it as suspicious.

 

 

 

People say about changing your password frequently, but, there is actually no way to change your password via orange's webmail system. For anyone who knows what webmail platform I am talking about, it's email.orange.co.uk.

 

See it this way, a fraudster gains access to someones account. Bingo! The first thing they would do is change the password right? Of course they would. Even the fraudster didn't change my email password because there is no way for them to change it.

 

 

I personally spoke to orange's support earlier and had this out with them.

 

 

Here goes.....

 

 

The email address in question was provided to me when I lived at my old address with the internet connection I had there. When I moved, I cancelled the internet connection and as I was using the email address still, they kept this email address active.

 

Normally, to change your password for this email, you log in to your broadband account using the email address, then change your password there (which also changes it for the email address). That is the only way to change your password.

 

In my case, I had no broadband account active to log into. So there has been no direct way to change my password.

 

I was told, most people either change email address when they change ISP, or, use the pop3 settings through a mail reader like outlook (which, rather than store emails in the webmail, pushes them to the device and stores them there).

 

They told me, in future, if I still want to use my email address via the webmail platform and want to change my password frequently, I will need to select "forgot password" and change it via that method.

 

Orange/EE have as a result of this offered a form of compensation.

 

 

 

As for eBay, they have now logged it as unathorised access to my account and told me I am to contact either my bank or PayPal to get a refund of the full amount.

 

 

 

Attachment show the filters the fraudster set on my email account so I wouldn't see incoming ebay and paypal emails and also that there is indeed no way to change the password via webmail

 

Filter1.png

Webmail 2.png

Orange webmail 1.png

Filter2.png

Webmail 2.png

Link to post
Share on other sites

How did they get hold of your Orange email address and do this ?

 

Surely Ebay have details of the IP address location of where this happened.

 

If this relates to information on the lost mobile phone, what other account information have they obtained and tried to use ?

We could do with some help from you.

PLEASE HELP US TO KEEP THIS SITE RUNNING EVERY POUND DONATED WILL HELP US TO KEEP HELPING OTHERS

 

 Have we helped you ...?         Please Donate button to the Consumer Action Group

 

If you want advice on your thread please PM me a link to your thread

Link to post
Share on other sites

not needed as it is set as a DD not a distance payment.

There are specific frauds that only work on ebsy, one of those is putting a flase page over the top of a genuine one so when you go to the real item you are interested in the fake page masks it but appears identical to the viewer. If you the enter anything into this page-ie show an interest in buying the item for example the mask then follows your activity and harvest your data so you username, pw and links to paypal accoutns are compromised. sometime the thieves do the same with a walk through vis just a few pixels on the genuine page so hover over a small are of the item for sale for example and you will connect to the fake page. Again this allows the bad uns to harvest certain information they will then use to oredr stuff at your expense, oftem non tangible items like gaming codes but they sometimes buy their own listed items. Coin seller in China use to use that trick.

The strange thing about any device used to make this payment to Ebay is that normally the 3 digit security code from the back of the card is missing in the relevant data field, so if someone gets hold of your device they can't make an unauthorised payment. They could guess, but difficult.

 

Ebay can confirm what data was used to make this purchase. If they interrogate the data, they might also be able to confirm what device was used to make the payment. When you process any debit card transaction online, loads of other data is sent and in these type of circumstances it can be useful.

Link to post
Share on other sites

  • Recently Browsing   0 Caggers

    • No registered users viewing this page.

  • Have we helped you ...?


×
×
  • Create New...