Hackers Steal $53,000 a Day Through New Paypal and Facebook Scam

It seems the coronavirus isn’t the only pandemic the world should be worried about — with a costly new online scam sweeping the internet.

The new scam involves using hacked Facebook accounts to request money from people’s loved ones, and utilising the PayPal chargeback feature to steal their cash. According to CyberNews, the hackers responsible are making as much as $53,000 a day, with women the most vulnerable demographic.

The scam seems to work because of its complexity, involving up to three victims at a time.

Victim One has their Facebook login details bought on the dark web;

The hacker logs into the victim’s account using these stolen details and contacts their Facebook friends;

As soon as one of those friends responds (becoming Victim Two), the hacker asks to use their PayPal account to receive a payment, pretending that their own (Victim One’s) PayPal account is not working;

The scammer sends money to Victim Two’s PayPal account and they transfer it to the scammer’s account;

The scammer then uses PayPal’s Chargeback feature, which lets users reverse a transaction that has already been cleared. As the money has already left Victim Two’s PayPal account, they get charged the amount, but the scammer gets the initial value of the money they sent transferred back to them.

CyberNews’ insight suggests scammers are based mainly in the UK, the US and Russia, with smaller groups in Kenya as well, and for 80 percent of them, scamming is their full-time job.

When we contacted them about this scam, PayPal’s Press Office said:

“We never lose sight of the fact that we are entrusted to look after people’s money. We take this responsibility very seriously and use advanced fraud and risk management tools to keep our customers and their payments safe. We go to great lengths to protect our customers, but there are still some basic precautions we should take to avoid scams.” “We advise customers to be wary if they receive unusual requests about their PayPal account, especially requests to move large amounts of money, even when the request appears to come from someone they know. Always question uninvited approaches in case it’s a scam, and check directly with the person concerned to verify the request. And never accept or move money on behalf of someone else.”

In today’s world, data is everything. It’s the new digital currency that drives businesses all around the world — and keeps us up at night. How do people know that their private data is kept private? How do businesses ensure their own data, and their customers’ data, is safe?

Featured image credit: Freepik