The first question I am asking, is how did they get your details?
Your PP address is pretty public, but your password was used elsewhere/cracked or your computer has a virus. Don't reuse passwords, if you can enable 2FA. I know it's difficult to remember all the passwords, so pick a strong one and then add the company to the end so P4ssw0rd5462111-eBay.Virus scan your computer with multiple (at least 2) free/trial AV packages. If you find anything pretty nasty, then consider a reinstall of the OS.
Use a different email address for paypal to anything else. My eBay email is different to my Paypal email on purpose.
With regards PP, here's how I do it. Setup Paypal, verify via a UK bank account. As soon as this stage is done, remove the account details from Paypal. Paypal DO NOT NEED YOUR BANK ACCOUNT DETAILS. Yes, I can still withdraw money to that account, but PP has no access to take money out of that account. Then I use a credit card with a low limit, say £250 credit limit to fund my Paypal account. This way I have 2 levels of 'insurance' to protect me. If you need to spend more than £250 through PP in one hit, then xfer funds from your current account to your CC card so it has a positive balance and then you can spend the balance plus the credit limit.
The reason you are getting loads of emails is to throw you off the scent. You are less likely to see the bank/paypal etc; emails if they are 1 in 1000.If you need any specific advise, please ask.[/quote]
Thanks!
However, how they did it is still under investigation, but it appears my password was initially hacked at the PP end, and in fact I regularly use many varied, and very strong passwords that cover all the combinations of number, letters and symbols. They are regularly updated and are not recorded anywhere but in my head as they all make sense to me using various factors, and would be hard to guess. As TB has suggested it could be that my passcode was sold on, or it was computer linked with a device going through thousands of combinations until it hits the spot!
The strange thing is, that no one can advise me on, apart from you with your observation, although I have stopped it in it's tracks, is the 5,000 email's I received from all over the World about offers, membership, registration, joining, etc, etc, just from the ones where I could understand the language. None were opened; all deleted in bulk! That had to be actioned by a computer system, and it is interesting to note that the goods purchased on Ebay using my account details that went through initially were for computer parts!
Maybe TB, or another techy on here, can find a clue in this, but the two orders where:
Asus AMD PRIME X370-A AM4 ATX Motherboard Socket AM4 Ryzen 7 Support = £126.01 and................
Asus AMD PRIME X370-PRO-Motherboard ATX, AMD X370, Socket AM4, DDR4, HDMI, SLI/XFire = £159.90
I suspect that the other 3 orders, going on the values involved and the companies named, were as IT parts.
They were all heading to an address in Burton-on-Trent, which is now under investigation.
No, overall deviator, as someone used to investigating fraud, this seems to me after talking to the organisations involved that this could have been part of a far bigger breach of PP security with an insider or a mainframe (do they still have those?!) hack. I am not getting a direct answer as to how my details (bank card) was used when I know I had a security screen on it. My PC is the only device used for my financial dealings and this is heavily covered by security software, including regular virus scans, and warnings are given about "Harmful sites". I have various levels of security that I will not go into. The speed at which this transpired, all within about 30 minutes, with even my bank being deceived by demands on my account that should not have been authorised, leads me to believe serious hackers were involved with this and they knew what they were doing.
As I said before, what hope has any of us as individuals in stopping this when even large corporate institutions are hacked. How much "security" do we need to install?
I note your useful advice on using PP, which I will use, but ironically I rarely use PP. I will probably now NEVER use it!!