Did you know there is a book you can buy online, which tells you how to defraud eBay and Paypal? In recent years, we were highlighted to the case of one student in Australia had opened up over 100 bank accounts, and coupled with multiple Paypal and eBay accounts, he was able defraud online buyers of a total over $80,000. The student was only caught when the bank in question made an error and deposited $2 million into one of his accounts. The temptation was so great, he went into the bank, and tried to withdraw it. A bank teller was suspicious when he did not even know how much he could withdraw in cash – something he should have known if he had an account so large. The bank manager and eventually the police were called. You must ask yourself, do you have sufficient IT support, if you are doing business online? Let’s look at some of the interesting points of this case.
• Banks Accounts. The question has to be asked, how did the young student manage to open so many bank accounts under fraudulent names? He had been using fake identification to set up the accounts so the money from eBay and Paypal could be transferred out into cash. If he couldn’t open those accounts, he would not have had access to the money. Was the $2 million dollars in one of his accounts bait by the bank? None of this has been answered. With strict laws for identification, does this mean the banks were not even verifying the personal information used to open the bank accounts?
• Where is the Media when we need it? While being a high profile case, there has been little in recent media explaining what has happened since this time. There has been nothing on TV, and there is no mention of this on eBay or Paypal. How could this possibly be the case? Where are the changes from the banking industry, and online security companies, to stop this from happening?
• Recent eBay and Paypal – Buyer Protection. I recently purchased an item from eBay. The users details were soon not available and the contact information on eBay led to a wrong number. Note you can exchange more information after a transaction with another user. I raised a dispute to freeze the funds. Ultimately I got the funds back. The email from Paypal said, “because the funds were available in the account”. If this person had managed to move the funds out, I would have been at a loss. There is no explicit guarantee you will get your money back.
• Major Failure. Even if you have the most secure and protected online transactions, and even the best commercial online security support, you are still open to fraud. This is not an issue of eBay and Paypal not being able to protect you because of their lack of security. It is the fact that they cannot even be sure about the bank accounts that protection is based on. Where are you at risk? The book on how to do this has been freely available online for a number of years, and this is only one case, of one student. How many more do you think there are? If a bank account is fraudulent, how can any other security work?
This type of fraud is not limited to eBay and Paypal, and it highlights some gaping holes in so-called online payment security. Is there a business IT support company that can provide this if Paypal cannot? How can you even trust the bank? How much can we trust online payment systems if the clients identification systems are flawed?