Subscribe to This Blog | Author Login

Banking on Tomorrow
"tomorrow is promised to no one"
Amazon | CNN | Wikipedia | CEOExpress 
bleeding heart....

You are viewing an individual message. Click here to view all messages.

Carol H Tucker

Passionate about knowledge management and organizational development, expert in loan servicing, virtual world denizen and community facilitator, and a DISNEY fan

Contact Me
Subscribe to this blog

beladona Memorial

Be warned:in this very rich environment where you can immerse yourself so completely, your emotions will become engaged -- and not everyone is cognizant of that. Among the many excellent features of SL, there is no auto-return on hearts, so be wary of where your's wanders...

  Navigation Calendar
    Days with posts will be linked

  Most Recent Posts

Day 7 - closing loopholes

Today is the 7th day of the 1st week, the 7th day of the 1st month, and the 7th day of 2023

It took a ridiculously long amount of time to get through to the Fraud and Verification Dept at 1.8.Flowers and after talking to them, I finally know what happened and how Badriyah  [which in Arabic apparently means "resembling the full moon" was able to access my PayPal account without logging in to either GMail or PayPal, thus bypassing all my security cautions.  Because I had ordered from them in the past as a guest and did not set up an account, they were able to create a profile with the merchant, using all their own information [which was probably fictional] but with my email address.  The address used comes up as a single-family bungalow in Sacramento CA and matches the phone number given.  It is owned by Badriyah El-Almin, who is 46 years old, but the name on the fraud account was Badriyah Badriyah, so she may not have been the perpetrator.  The message on the order was:  "I miss you.  Larry" so he may be the guilty party

So how did it go through?  PayPal had the merchant listed as an "active subscription" because I had ordered from them years ago without setting up an account iwth the merchant.  They didn't have to log into the merchant, and idn't require any authentication to complete the transaction using my email addy.  The rep took one look and agreed it was obviously fraud, cancelled the two orders totally the $231.14, and told me I should see the refund in PayPal in 3 - 5 business days.  Meanwhile, my credit union sent PayPal a chargeback.  I'm whole now, but I'm betting the merchant ends up taking the loss even though it was PayPal's fault the transaction went through.

That settled, I have been on a witch hunt for hours to see how to ensure that doesn't happen again!  After some determined sleuthing, I found that you can see all the "active subscriptions" in your PayPal account by going to your account, logging in to Paypal and then going to settings / Payments / Manage automatice payments / active.  Apparently?  PayPal never forgets transactions, and you need to be leery of that message telling you "this is a trusted site" because that is the loophole Badriyah slipped through I found "active subscriptions" where the last transaction was years ago -- the oldest being 2012!  All in all, altho I left a couple actual subscription payments intact, I deleted 39 merchants, including 1.800.Flowers.  I also set up two-factor authentication for any new order coming out of PayPal and I will definitely remember to review that "active payments" list regularly

I am rather appalled that armed with nothing but my email addy and no other personal information, Badriyah managed to complete this fraudulent transaction. 

But at least I was made aware of and closed a loophole that could've caused a LOT more damage. 

And, I hope the chocolates give her a tummy ache and the flowers activate her allergies.   So there!
Permalink | Saturday, January 7, 2023