/ Scams

Scam watch: did PayPal misunderstand remote access software fraud?

Remote access software is commonly used by scammers to commit fraud. Here’s how it was used to transfer £5,000 from a victim’s PayPal account.

A scammer transferred £5,000 from a victim’s PayPal account after logging into their computer using remote access software. They reported the fraud to their bank and to PayPal immediately.

Remote access scams: the call that could wipe out your life savings

The bank did a good job and stopped any money from leaving their bank account, but PayPal disagreed that it was a fraudulent transaction and sided with the scammer. PayPal then began to pursue them for the money, threatening the victim with debt collectors.

Investigating fraud

PayPal’s buyer policy promises it will investigate fraud on its platform and says that customers aren’t liable for unauthorised purchases. Yet it may have quickly jumped to conclusions in this case because the transaction was made from the victim’s usual device and location associated with their account. That’s because scammers had maliciously accessed their computer.

It appears PayPal misunderstood a tactic increasingly being used on its platform to defraud its customers and decided the transaction was authorised by the victim. We challenged PayPal that this was in fact an unauthorised transaction because the victim didn’t give permission for the payment.

The large payment amount was also uncharacteristic for the victim; a frequent user for more than 10 years. This, coupled with the fact that the receiving account was based in Australia, should have raised suspicions.

PayPal has since investigated further and said:

Unfortunately, as [redacted] had given the fraudster access to her computer and the PayPal security code, the fraudster was able to send a payment from her PayPal account. When she realised that this was a scam, she claimed that she had not authorised the resulting payment. We rejected the claim as she admitted that she had willingly provided her details to a third party. But we were able to recover the funds and return the money to [redacted] account. We are pleased that the matter has been resolved.

Remote access software scams

If you’ve been affected by fraud on PayPal and you’re struggling to get support, remember that the platform is also covered by the Financial Ombudsman Service, and you can escalate your case if necessary.

Guide: getting your money back after a scam

Have you been the victim of a remote access software scam? Did it involve PayPal, or another brand, such as Amazon? Let us know how the situation was dealt with in the comments.

Comments
Jon says:
30 April 2021

I don’t link my debit card to my PayPal account but transfer money from my bank account into my PayPal account when needed. This means that even if my PayPal account is compromised there is no little or no money in it, and it can’t access my bank account.
Incidentally, Malwarebytes is available for Android.

Don’t trust Paypal. They have their own view of how things work and refuse to accept normal honest procedures

I absolutely agree with Frances as I have had bad experience with PayPal myself they always seem to state that the seller has sold the correct product and twice I have lost out but this time for the third time I thought enough is enough and put it into the hand of the ombudsman and PayPal had to refund me but with a grudge.

Pleased to see that PayPal have been called out on this occasion. However, siding with scammers and dubious merchants against consumers is their standard practice. Their Buyer Protection Guarantee is worthless. It took me over a year to reclaim from a bad merchant…at the same time reporting it to the Ombudsman. Coincidence??

Kay Forsyth says:
30 April 2021

Noticed 3 items on my bank account supposedly bought through ebay. As I hadn’t bought from ebay for months, I tried to get my money back through ebay. They were no help. Finally asked my bank and they refunded the money but PayPal although acknowledging that 2 items were fraudulent, refuse to believe the third item was fraudulent also. They won’t answer any messages and will not let me cancel my account with them.

Kate Scribens says:
2 May 2021

You can cancel your direct debit with PayPal with your bank though.

Peter morgan says:
30 April 2021

PayPal is a waste of space.they do not do what they say they will do.i would urge everyone not to use
PayPal for anything.🙁
Cheers.

John Garbutt says:
30 April 2021

I’ve been feeling doubtful about a series of messages apparently from Paypal encouraging me to
set up a parallel credit account. This could easily be scammed.
With regrets, because it all began with good intentions, I’m cancelling my account with Paypal.

I have had a phone call saying my National insurance number was threatened. Could this be a scam as I have not taken it further as requested? Their number was/is 07504 804808 & 07504 804393

A J Jones – It certainly is the the lead-in to a scam. If you engage with the caller they will try to extract information from you or gain access to your computer in order to hack into your accounts and steal your funds.

Worrying people about their National Insurance being under threat is ridiculous. Although it is an essential identifier in certain financial transactions, on its own the NI No. does not enable access to anything and it stays with the individual throughout their life. No one else [other than the DWP (Department of Work and Pensions)] can change it or interfere with it. If they needed to contact the subject they would not try to phone them out of the blue, but send a formal letter quoting the full name and address and the full NI No.

David Wood says:
30 April 2021

It’s a scam be assured I have received the same phone call twice so far.It’s easily said but you have to be vigilant.when we get a phone call we don’t answer unless we know who the caller is.That would be anyone who you have in your contacts.There seems an upturn in scammers now so I recon it’s better to not answer the phone.

Abe says:
1 May 2021

Definitely sounds like a scam.

Hazel says:
3 May 2021

I had one of those calls. I ignored it as things like that make me suspicious.
The current text I keep receiving is about underpaid postage. I ignore those too as they often come on when I know I haven’t sent anything & if I order something postage is included on the order. The text comes from “Royal Mail”

Peter says:
Today 00:07

This is definitely a scam.
Same vein as the HMRC saying you are the subject of legal action/ arrest warrant.

It is getting so hard to tell what is real and what is fake.

That’s most definitely a scam, and it looks like they’re using single use numbers to stop them being traced, as the number is different every time. I had someone try that with me recently one morning three times in a row with a different number each time and it furiously wound me right up so they got a right load of abuse and that seems to have scared them off as that was several weeks ago with the amazon scam and they haven’t tried it again since. And I’ve never had an account with amazon as it looks far too complex for me and they would most likely insist on saving my card details and my address etc. so they can get stuffed too. So if any scammers try pestering you just tell them to get lost.

Kathryn Wyatt says:
1 May 2021

My PayPal account was scammed for £700 and I was sent a debt collectors notice. I spent hours on the phone to PayPal and eventually they withdrew the claim. I never heard from them about it subsequently. They neither tell you whats happened, nor do they make it easy to close your account. I have written to them and still get nothing. They are a law unto themselves. I just don’t need or buy ‘stuff anymore but live in the real world.

It seems to me that a lot of this OUTRAGEOUS fraud is happening because of FAR too ridiculously liberal governments, including ours here in the UK. What we need is thoroughly RIGID regulation of all our financial services including those like paypal as it seems to me that the voluntary codes are absolutely no good and our government is being far too soft on our services, just like they are on anti-social yob teenagers who should have to attend compulsory military boot camp after leaving school, plus there should be far stricter discipline in our secondary schools too but that’s another subject. And I think it might also be the case that those who fall victim to these various scams are not using complex enough passwords, and/or are not using security software which includes an anti keylogging feature which is absolutely essential. And if your security program does include such a feature do check the settings and make sure that feature is active. And try running a full system scan before any online transactions as I do, I know it takes hours but it helps keep your system safe and you should run such a scan at least once a week.

In practice, I doubt most users want to spend hours running an antivirus check before any online transaction, not least impulse purchases. Nor should they have to, if their security software defaults to automatic background scans.

For those daring or reckless enough to use Windows as their main means of online access, a really useful security precaution is the use of separate logins for system administration and user accounts. Then if only the system account is given full system rights, this limits the damage that ordinary users can do, e.g. if they receive malware or click on malicious links while browsing.

Most other OSes impose such restrictions by default.

I think one problem here is people keeping too much money, possibly all their life savings in some cases, in their current account which I would never do. I think it makes far more sense to keep the vast majority of your savings in a separate savings account which should be out of reach of online criminals and just keep as much as you need in your current account for everyday use. It’s just like the old saying of “don’t put all your eggs in one basket” which is now more relevant than ever. And it also looks like what we’ve got here is an online version of what some anti-social yobs do on the streets and in schools too or wherever where they meticulously take advantage of every possible fault and limitation of the law so that they can manipulate the situation against their victim while they gluttonously FAT gloat and sneer at the victim again and again and always keep just within the law so they can keep on hounding someone or setting them up etc. and taking advantage of every weakness so the likes of paypal have got some serious learning to do and fast about it. This stunt has obviously been pulled by someone somewhere who knows how to twist paypal’s system around against their victims, it’s just like those sly celebrities who take advantage of their fame and status and quietly molest some poor child out of sight somewhere and then take the attitude of “who’s going to believe you?” So I hope our authorities and those in other nations will quickly learn how to deal with this kind of outrageous stunt and get ahead of it and not just leave the victims helpless and of course we ourselves must be thoroughly vigilant while online instead of being all loose and slack and casual as all too often “carefree” means careless, just like casually forgetting to lock up your car while you’re in the supermarket for instance. And I don’t do any online transactions “on impulse”, I have set procedures which I stick to and it’s kept me safe so far. And I’ve had a basic account with paypal for six years now and so far the only problem I’ve had is where it won’t work on some sites and the transaction fails so I have to start again and use my card instead.

I keep my savings in a draw. With interest rates averaging 0.01% why give it ro a bank to lend out at an average of 16%. P**s taking vultures.

I keep my savings in a draw. With interest rates averaging 0.01% why give it ro a bank to lend out at an average of 16%. P**s taking vultures.

Chrissue says:
2 May 2021

My daughter didn’t give anyone access to her computer or to her PayPal account. Someone in USA bought a car from eBay bringing her attached bank account overdrawn. PayPal said they couldn’t do anything because the payment was authorised, refused to give receiver’s address details because of data protection since she admitted she hadn’t ordered it. Luckily Barclays Bank sorted it. I cancelled my PayPal when she cancelled hers.

Pat - Somerset says:
2 May 2021

After reading this I immediately signed in to my PayPal account, deleted my credit card details (no problem but it was out off date anyway).
However I was unable to delete my direct debit . Told to try again later so I deleted it on my banks website
Thank you all for all the above posts and information. Although retired now I worked hard for my money and have no intention of letting it fall into others hands or coping with the stress of involving an ombudsman or dealing a deaf company like PayPal

Ryan Johnston says:
3 May 2021

Some who willingly gives remote access to their PC and on top of that willingly provides the scammer the security code for the transaction (which is sent as an SMS to their phone) deserves no better than to lose their money. These people should take responsibility for their actions and should not be refunded. Remember, these “refunds” are paid for by all other customers through their fees.

I’d never use PayPal. They allowed a scammer to set up an account using my email address and other personal details (including home address and mobile number), which must have been stolen in a data leak, yet when I reported the account to them as fraudulent via Twitter they first alleged it was genuine, then said it would be investigated, but still did not close it. When I challenged this again they said they were unable to deal with me via Twitter – but i had no other means to contact them as emailing or phoning them required me to first log in to an account, which I couldn’t as I didn’t know the password for the fraudulent account! Eventually I managed to request a password reset to be sent to my email so I could get into the account and then call them, but even then they refused to let me close the account until I sent scans of bills to prove that the credit card associated (long since cancelled because of fraudulent transactions on it) was mine! They really don’t care about identity fraud and are not interested in dealing with it.

I think there’s some degree of gross entrapment here as if we’re not going to use paypal then what else do we use? Especially as so many sites, especially the stores and supermarkets and the diy sheds etc. as well as the big online auction sites and marketplace platforms etc. insist on saving our private card details which are none of their business. At least with sites like paypal the vendors can’t see your card details. And if someone’s personal details fall into the hands of criminals then there must be far too slack security on a site somewhere, most likely a supermarket, either that or the victim is using a far too simple password. And most trading sites in the UK in my experience only accept either the usual cards or paypal, very few accept any other payment site like klarna for instance, and none of those I deal with accept such a service. So this is why we MUST all demand far better end to end encryption to be made compulsory and far stricter regulation for online trading and banking generally. So I would suggest that you all get writing to your various MP’s, or AM’s or MSP’s and MLA’s etc. and get them told! And we should be demanding far fairer terms from vendors so that they can’t insist on saving and storing our private details and the same goes for the other more essential services too like banks. And the NHS and the inland revenue and the dwp etc. should have rigid end to end encryption as standard as it seems to me that our governments are not keeping up with the fraudsters, I know they do have a cyber crime service operating for our protection but we also need far stricter security regulation too.

I do not have a PayPal account but somebody managed to open one with my bank account details. I began to notice unfamiliar direct debits from my bank account with Santander, who reimbursed me but refused to put a stop on further direct debits accounts being set up. I changed my account number with the same bank but a fraudster managed to do the same thing again. So I changed to a different bank, explaining why to both banks. Guess what? Santander kindly transferred the fraudulent PP account to my new bank. I reported the case to the banks fraud team ( clueless) and to the banking fraud team but they are too overwhelmed to investigate so nothing done. Finally stopped the fraud with the new bank.

Crusader says:
5 May 2021

I don’t mean to be a “know-it-all” but what you’ve described there looks like you might’ve fell victim to a dreaded keylogger. That’s a sly piece of malware that sit’s in the background out of sight but logs all your keystrokes on your keyboard so no matter how much you change your password it will be automatically collected each time by the fraudster, along with your account details and everything else you type. So you need to run a full system scan of your whole system to try and find it and get rid of it. And if you haven’t already you really should have a decent full featured security program which includes anti-keylogger software, and then check the settings to make sure it’s active.