Alright once again my Internet payment profile has been h@cked. 2 weeks back i got an sms on my phone indicating that i just charged Euro300 onto my credit card and got a Paypal email saying i charged it through my Paypal account.
Nature instinct of me “NOT AGAIN”! This happened to me couple of years back which my credit card was fraud for some online purchase. Not long after, an Google sms came in providing me with my 2-factor authentication code for 4 times. And i know that bastard is starting to try his luck on my Gmail as well.
So what did i do? Here’s the step that i have taken right after this happened. You can call it my SOP for this.
1. Call my Bank and inform them that my Paypal got h@cked and the credit card inside was used to charge some nonsense items. Terminate the card and request for a new card.
2. Login to my Paypal and change the password immediately. After which log a Paypal support ticket for fraud charges.
3. Login to my Gmail and change the password and check the login history if there is any intrusion symptoms (e.g. Overseas IP address login)
4. Login to ALL those website that i frequent and is important and change all the password.
My standard practice; keep a word document indicating ALL the websites that you have an account with. In such situation, just follow the list and login every website and start changing your account password.
In addition to this, what has really saved me from a expanded disaster? 2-factor authentication! I always recommend people to use this features if its provided. Like Google, Dropbox and Banks. 2-factor authentication is the best method to exclude the h@ckers from accessing your account UNLESS you lost your phone to a h@cker. That’s plain swayness.
Coming to this, i am seriously wondering WHY paypal doesn’t have 2-factor authentication security features? It’s something they should really look into with the vast amount of money transaction they handle on a daily basis.
So after this whole saga, i manage to get my reversal billing back within 1 week from Paypal. And the bank said they will investigate into this issue. But based on my experiences, these cases will just be dropped off since they can do noting about it when charging involves cross-countries transaction.
So i did a check and trace out the email that the Paypal payment was made to [oxi]mo_[m]wa[@]hot[mail].com (breaking the email address with  to prevent search engine from finding it). Apparently this email belongs to a French guy who is based in Lyon and its at the age of 26. Not too sure if this guy is a victim as well since the h@cker can h@ck into a email first then start h@cking other parties (we call this proxy). But anyway if this guy is a victim or h@cker i guess his plain horny; see what i found on a French dating website translated post on year 2008:
I almost point by point in the same situation as you (recent breakup, want to go out, meet), to the last detail that I am a man of 21 years.
Here is my hotmail address, I’d love to know: [oxi]mo_[m]wa[@]hot[mail].com
My previous password was highly secured with CAP, Numbers, Symbols and Wild Text and i can get intruded as well. So what makes you think yours won’t be part of the game of h@acking? Take care of your own e-properties!