
I got hit by this. I had an incredibly long, TeamViewer-specific password, and a family member happened to witness (what was likely a bot) incredibly quickly open Chrome, go to Paypal, login using saved credentials, check the settings page, and then pay an invoice that had been generated moments after viewing the settings page.

TeamViewer has definitely been compromised, and reddit.com/r/teamviewer is replete with reports.



Why did you let Chrome save your paypal password? Doesn't that guarantee that anyone can empty your paypal account if they steal your computer?


Not if you have full disk encryption. Of course they could try a cold boot attack if the computer was found on, but normal criminals don't have that expertise.


Convenience. It was a mistake that I've since reverted. I'll probably switch to a password manager that requires a master password to unlock domain-specific passwords.


I use PayPal only about once or twice a year (try to avoid it if at all possible) and my security routine is to totally close the PayPal account again afterwards.


Why would you care? You can call in and reverse the payment in minutes.


Yes, I just had a look at paypal's user agreement, and this does seem to be the case. That begs the question - why are the hackers even bothering to do this, if all their transactions will be cancelled? Are they hoping that a small % of their victims won't notice the fraudulent transactions?


Most paypal fraud, like credit card fraud, happens at a very small scale. A fraudster pays $50 for 50 accounts and then spends a day with them and maybe walks out with $300.

The guy selling the accounts sells hundreds of thousands of them, and obviously doesn't get involved in the fraud itself.

This is why this whole thing is so strange, there's a bunch of people claiming that someone hacked teamviewer and is now using that access for petty paypal fraud instead of targeting the tens (if not hundreds) of thousands of PoS systems teamviewer is used to manage.

>Are they hoping that a small % of their victims won't notice the fraudulent transactions?

No, they certainly don't care if the payments get charged back or not. If they try to send money to their own account, it'll be suspended before they can actually withdraw it out of PayPal.

Instead in this case they seem to be trying to buy itunes gift cards, undoubtedly with the intent to sell them (on sites such as g2a.com) before they get cancelled.


Perhaps targeting a PoS system involves the Secret Service?


If you're doing this then you probably aren't too worried about the secret service.


Easier to script perhaps?


It's a very different process challenging credit-card-funded payments vs. those funded by bank account or funds already in the Paypal account. The former is easy, and you have two levels of challenge (via Paypal and via the credit card issuer).


On PP's end challenging them will be all the same, and generally you'll win the dispute instantly by calling them.

However of course bank funded payments will have some delays. Letting things pull money from your bank account like that is a terrible practice, and people should know better.


Have you actually pursued this process for payments funded by balance or bank transfer beyond a week or so after the charge?

I have.

It's fine if the recipient's account is still active and they successfully get the money back from their deposits or linked account. But in deliberate fraud cases, their only recourse would be to refund you out of their own pocket. Paypal has no incentive to do so. Once the money is beyond their reach (e.g. withdrawn via debit card or transferred to an outside account which is then closed), they will not help, in my experience.

Even if you fund via a credit card, if the payment recipient is beyond their reach, they make you jump through numerous fake loopholes (in one case I had, they claimed they had proof of delivery... and gave tracking data for an item shipped from the wrong state and shipped to a location 2000+ miles from me and to another name). I then contested the charge via my card issuer; the phone rep said that this happens often.

I say this as a user from the year they started business (back when they paid a $5 bounty to sign up) and with over 50,000 Paypal transactions.


Best to use LastPass (or equivalent) and require your master password to use the Paypal account.

Having to reverse the payment is likely not "minutes" when talking to any customer service org.


I've been on the phone with PayPal on far too many occasions, and they definitely know how to handle these issues quickly.

Although, you wouldn't even really have to call them. You can dispute the charges with like two clicks on your account page. It's just that if you call them, they can instantly settle the dispute in your favor.


I got hit as well, along with a family member's computer that was logged into my account. They hit up amazon and PayPal on the other computer due to saved passwords.


I got hit with this too. TeamViewer showed incoming connections from Taipei & Guangzhou. What I'm interested in figuring out is how sophisticated the attackers were. I immediately took the breached machine offline & plan on scanning it for negligees etc. I called TeamViewer & their response neither acknowledged nor denied the hack. They simply asked me to report to local authorities & promised that they'd be cooperative with lots/etc.


Why do you have remote access set up to a computer that has unencrypted credentials stored on it?


Because it's useful? Tons of people have ssh set up to their servers. Many of those servers might contain api keys for various services. Same thing.


Two factor authentication is the way to go to mitigate these kinds of attacks.


Do you have the randomly generated password disabled?


Nah, you got hit by some malware that grabbed your teamviewer credentials.


If so it must have been an extremely widespread malware because tons of people have been reporting the same thing.


Not really, "tons" in this case isn't even hundreds.


Not everyone affected is going to post on reddit. There are plenty of tech-illiterate victims who don't even know something is wrong.


I'm aware. But even tens of thousands of affected people wouldn't qualify as "an extremely widespread malware".

If you spin up an exploit pack and can't get 50k hits in a day you're clueless and should consider a career outside of cybercrime.


It may well be a legitimate hack of TV but from a very small pool of thieves.


To expand on this further, most (i.e. not all) of the reddit reports are meaningless as on any given day there's going to be tens of thousands of examples of this kind of fraud.

Unless the reporters have some specific evidence that teamviewer is at fault, it's overwhelmingly likely that many of them were hit by some totally unrelated fraud.


Well it's related to Teamviewer for sure, because it shows up in the people's Teamviewer connection logs. Yeah it could be other malware that is stealing the Teamviewer credentials from their computer. But that seems like more work than necessary, because only a few percent of people have teamviewer installed and running, and they could attack everyone by having their malware install their own remote access service.

This person formatted the drive a week ago and only had a few things installed. https://www.reddit.com/r/teamviewer/comments/4jr9qn/hacked_t...
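Several commenters above say the intrusions show up in the victims' TeamViewer incoming-connection logs. The script below is an added example (not from any commenter or from TeamViewer) of how a practitioner would triage such a log: parse each incoming session and flag any whose remote TeamViewer ID is not on a personal allowlist or whose start time falls outside the hours the owner would expect to be connected. The tab-separated record layout (remote ID, remote display name, start, end, local user, connection type, connection GUID) and all three sample lines are assumed and constructed here for illustration, so check the layout against your own `Connections_incoming.txt` before relying on the parser.

```python
"""Triage of a TeamViewer-style incoming-connection log.

Added example, not code from the thread or from TeamViewer. The record
layout below (tab-separated: remote TeamViewer ID, remote display name,
start timestamp, end timestamp, local user, connection type, connection
GUID) and the sample lines are constructed assumptions for illustration.
"""
from dataclasses import dataclass
from datetime import datetime, time
from typing import Dict, Iterable, List, Set, Tuple

# Constructed sample log: two sessions from a known helper, then an
# unexpected 03:17 session from an ID the owner has never seen.
SAMPLE_LOG = """\
112233445\tAlice-Laptop\t30-05-2016 09:12:41\t30-05-2016 09:40:03\tbob\tRemoteControl\t{7E7F1A1C-0001-4E0B-AA11-000000000001}
112233445\tAlice-Laptop\t31-05-2016 18:02:10\t31-05-2016 18:15:55\tbob\tRemoteControl\t{7E7F1A1C-0002-4E0B-AA11-000000000002}
998877665\tDESKTOP-X9\t01-06-2016 03:17:22\t01-06-2016 03:21:48\tbob\tRemoteControl\t{7E7F1A1C-0003-4E0B-AA11-000000000003}
"""

TIMESTAMP_FMT = "%d-%m-%Y %H:%M:%S"  # assumed day-month-year layout


@dataclass(frozen=True)
class Session:
    remote_id: str
    remote_name: str
    start: datetime
    end: datetime
    local_user: str
    kind: str
    conn_id: str

    @property
    def minutes(self) -> float:
        """Session length in minutes."""
        return (self.end - self.start).total_seconds() / 60.0


def parse_log(text: str) -> List[Session]:
    """Parse tab-separated records; blank or malformed lines are skipped, not fatal."""
    sessions: List[Session] = []
    for raw in text.splitlines():
        fields = raw.rstrip("\r\n").split("\t")
        if len(fields) < 7:
            continue
        rid, name, start, end, user, kind, cid = fields[:7]
        try:
            s = datetime.strptime(start, TIMESTAMP_FMT)
            e = datetime.strptime(end, TIMESTAMP_FMT)
        except ValueError:
            continue
        sessions.append(Session(rid, name, s, e, user, kind, cid))
    return sessions


def flag_sessions(
    sessions: Iterable[Session],
    allowlist: Set[str],
    work_start: time = time(7, 0),
    work_end: time = time(20, 0),
) -> List[Tuple[Session, List[str]]]:
    """Return (session, reasons) for every session that deserves a closer look.

    Two signals: a remote TeamViewer ID the owner does not recognise, and a
    start time outside the window in which the owner would expect anyone to
    connect. A session can trip both.
    """
    flagged: List[Tuple[Session, List[str]]] = []
    for s in sessions:
        reasons: List[str] = []
        if s.remote_id not in allowlist:
            reasons.append("unknown remote TeamViewer ID")
        if not (work_start <= s.start.time() <= work_end):
            reasons.append("outside expected hours")
        if reasons:
            flagged.append((s, reasons))
    return flagged


def summarize_by_remote(sessions: Iterable[Session]) -> Dict[str, int]:
    """Count sessions per remote ID; a one-off ID stands out against regulars."""
    counts: Dict[str, int] = {}
    for s in sessions:
        counts[s.remote_id] = counts.get(s.remote_id, 0) + 1
    return counts


if __name__ == "__main__":
    known_helpers = {"112233445"}  # assumed allowlist of trusted remote IDs
    parsed = parse_log(SAMPLE_LOG)
    for sess, why in flag_sessions(parsed, known_helpers):
        print(f"{sess.start:%Y-%m-%d %H:%M} {sess.remote_id} ({sess.remote_name}) "
              f"{sess.minutes:.1f} min: {', '.join(why)}")
```

The allowlist is the key input: the owner knows which remote IDs belong to their own devices and helpers, so anything else connecting, especially at an odd hour and for only a few minutes, is exactly the pattern the commenters describe. Run it against the real log file contents instead of `SAMPLE_LOG` once the column layout is confirmed.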



