'Red flags' help to identify compromised PayPal accounts

Published : 06/10/11
Text Size

If you’re a casual gold buyer on eBay, you may not have noticed a recent spate of compromised accounts offering higher-end coins. I’ve bid on five and “won” four in recent weeks, and every one of the suspect accounts exhibited similar red flags.

You’ve probably seen them before. The seller hadn’t had a transaction in years, oftentimes had no sales history at all, rarely if ever bought a numismatic item, yet now is offering expertly photographed, key-date gold coins at very reasonable prices. When you attempt to pay through PayPal (which I believe is the safest way to deal with unknown sellers on eBay), your payment will successfully process, then appear as “unclaimed” in the system. In less than 24 hours, you’ll receive an email from the alleged account owner asking you to make some big mistakes.

The following transaction from May 11 for a ANACS Extremely Fine 45 1907 Saint-Gaudens, High Relief double eagle with a $6,700 BIN price was unsophisticated and to the point. (Note: Each of the three communications is published verbatim, but has been edited by Coin World, with Xs replacing identification information in the email names because of inability to verify owners of the accounts.)

“Please cancel your Paypal payment as I'm not registered with paypal

“Payment options:

“Money Order/ Cashier's Check / Bank Transfer for full payment before shipment

“Let me know.”

After eBay canceled that transaction, the seller took a more refined approach using another account with the identical coin in an auction that ended on May 20 for $7,100.

“Hello Richard, I’ve just realized that I entered incorrect PayPal email address during listing. I entered email address XXXXXXXXXXXXXX@hotmail.com instead of my PayPal email address XXXXXXXXXXXXXX@gmail.com. Please cancel your PayPal payment and resend to my PayPal address XXXXXXXXXXXXXX@gmail.com. Your payment is still pending so you may cancel it anytime.

“It is easy to cancel the transaction and resend the funds to the correct PayPal account:

“1. Log in to your PayPal account.

“2. Go to the “History” subtab of the ‘My Account’ tab and find this transaction (with a status of ‘Unclaimed’).

“3. Press the ‘Cancel’ button in the ‘Action’ column.

“4. On the confirmation page, press the ‘Cancel Payment’ button to confirm. Your payment will be cancelled and the funds returned to your PayPal account.

“5. Click Send Money at the top of the page.

“6. Enter who you want to pay (the email address is XXXXXXXXXXXXXX@gmail.com), sending amount $7,107, payment type (GOODS, important! please do not select eBay item because PayPal will forward the payment to the incorrect email address again, please select goods) then click Continue.

“7. Review the details and click Send Money.

“Let me know after the payment is done. Please accept my sincere apologies for any inconvenience caused by this matter. Thanks!”

In both of these auctions, eBay confirmed the account holder’s contact information was recently changed, but the perpetrator did not change the PayPal account information, most likely to avoid detection.

EBay indicated that any of the payment methods suggested by the first seller (bank transfer, check, money order) would have no buyer protection, but that payments made via PayPal following the second seller’s instructions would be safe under its eBay Buyer Protection program. That was curious given all the red flags with each of the suspect accounts, but two eBay customer service reps confirmed it.

I encountered a slightly new twist on a 1907 Saint-Gaudens $20 in a Professional Coin Grading Service Mint State 65 holder with a BIN price for $2,850 on May 25. In this case, the PayPal payment was accepted, then refunded the next day with the following explanation:

“Hello, paypal has limited my account. regarding your particular transaction. I’ve refunded your pyament. Please confirm that you’ve received the refund.

“Please resend the funds to my other account: XXXXXXXXXXXXX@yahoo.com payment type GOODS, important! please do not select eBay item because PayPal will forward the payment to the incorrect email address again, please select goods.

“Let me know after the payment is done. Please accept my sincere apologies for any inconvenience caused by this matter. Thanks! –XXXXXXXXXXX”

Not only did this differ in that the payment was originally accepted, but it was also the only response I received through the eBay system where the user ID appeared in the body of the message, suggesting the seller had access to both the legitimate account holder’s eBay and PayPal information, but was unwilling to link them to his own email address. But the similarity in wording and the request to change payment modes were dead giveaways.

There are several lessons to be learned from this experience. First and foremost, when buying through e-commerce, pay attention to detail. I began by cautioning casual gold buyers, because in each of the auctions, none of eBay’s big gold buyers nibbled. They knew if it looks too good to be true, it probably is. The second lesson is that despite some irritating quirks, eBay and PayPal have a number of safeguards installed that really do protect buyers. Only when you go outside the rules (by using bank transfers, money orders, etc.) do you truly expose yourself to financial loss.

However, eBay should work faster to close these dormant, pirated accounts once it is notified of their existence. Two weeks after I reported the first incident, that same account sold an 1873 Coronet $20 in a PCGS MS-61 holder on May 25 for $12,200 (Coin Dealer Newsletter bids for MS-60s are $30,000). While eBay did cancel the transaction the next day, that was still enough time for someone to get scammed. The right thing to do would have been to immediately shut down the compromised account until its legitimacy could be verified. A more proactive approach would be to immobilize any account that has been inactive for several years.

An eBay representative told me on May 26 that they know they can’t catch all the cyber-thieves out there, but that they appreciate any help whenever they receive it.

I believe that many Coin World readers would like to help to clean up this kind of activity. EBay could enlist their help and eBay has tools like eBay Bucks to incentivize them.

The U.S. Customs Service is finally starting to do the right thing by intercepting counterfeit coins coming into the United States from China. EBay can help us all by increasing its vigilance and fraud response as well. ■

Rick Schikora is a retired Air Force Reserve colonel and the director of ARINC Engineering Services in Dayton, Ohio. His collecting interests include Mint State Standing Liberty quarter dollars and Depression-era gold.

You are signed in as:null

Please sign in or join to share your thoughts on this story

No comments yet