PayPal Ignores New Exploit, Sides With Scammer???
ฝัง
- เผยแพร่เมื่อ 4 พ.ย. 2024
- PayPal, cmon guys. This is unacceptable. I'm scared to give this more publicity but screw it, if @PirateSoftware is a victim then I'll happily advocate for this getting addressed.
SOURCES
/ xyz3va
x.com/xyz3va/s...
• Cart Injection
Ty Ph4se0n3 for edit!
Love how companies can do "financial damage" as they wish, but if dare to miss on a single payment then you will feel the power of justice...
"Justice" is a paid service for the highest bidder because you didn't use your rights the last time you could have and now you don't have them anymore, and you are still arguing about who gets to go into which bathroom instead of fixing this.
That's why no one can pay me enough to move to the US. Brazil has an amazing banking system, with very strong consumer protection laws.
Since the 90's we have a unified payment system for bills. Every bill has a barcode you can use to pay at any bank. No need to mail checks, or make deposits / transfers. When internet banking became a think, you could pay your bills online with no extra fee. Now we have pix, which is a money transfer system. You can transfer to any person, any time, to any bank, free. And is also used a payment method.
No need for cashapp, paypal and these idiotic tools. Just open your bank app and transfer the money instantaneously to another person. Hassle free.
Also... all banks must offer free bank accounts for its users, with NO fees. And overcharge can only happens if the balance is negative for more than 7 days. So no hidden fees, or surprise overcharge, or having to have a certain amount in your account all the time.
I don't understand how people in the US accept this.
The secret sauce is to sue them. Just do it without a lawyer, if you sue them there is not really a worst thing that can happen
@@waralo191 You can't sue them, because now they all make you agree to "arbitration" policy in their user agreement.
paypal stole $300 from me in 2020. when i called their support they literally passed me back and forth between various people for DAYS who kept saying "i'm sorry i just don't know why you haven't received the money yet" . after 3 months passed and i still had not received the money I deleted my account and i'll never use that again. not surprising to hear paypal going down the toilet every year in the news.
They terminated our account with 20k usd after 1 fraudulent chargeback we werent even able to respond to. They told we will get our money in 6 months....at the end they took every last penny of those 20k and claimed we violated their policies. We had to solve it in court.
Did you get the money back? How much were legal fees?
same question here, what was the resolution in court ?
And? You can't just say "it was settled in court"
It's a good story relevant to the video. No reason to get upset about a comment.
I'm so sorry. Thata a terrible experience to have had.
Maybe someone should make an automate script that make them burn billions in 2 weeks in refund fees, that should make them panic and act.
Please don't ransomware payload the correspondence links or use an LLM agent in said that never finishes negotiation and gives random reroutes at simple direct requests to other unrelated agents, kinda like their customer service does with our data and to us. That would be lowering to their level. Please don't. (sarc)
You'd think they'd want to fix it in 24 hours, considering people can freely steal from _them_ with this exploit.
As long as nobody knows, they don't care if you lose your money.
When people start noticing, that's when they *may* start to care.
They're not stealing from Paypal, they're stealing from Paypal's users and Paypal gets to charge them for it as well, so everyone is just double-dipping on the users
@@liquidsnake6879 If you look at the statement at the 5:05 mark, the person points out that if this is targeted at a non-existent account, there is nothing for PayPal to charge against so it does come out of their pockets.
Except that, as Theo said in the video, the account that Eva did the exploit on is not linked to a PayPal account
So the chargeback would imply that PayPal would have to eat those fees, because there's no account associated to charge a fee to
@@Spiker985Studios The question is what fees does PayPal and to whom? I imagine they have some payment processing fees they have to pay to banks or something, but I can't imagine it's a lot. Because chargebacks on PayPal aren't a chargeback via your credit card, so they wouldn't have to pay chargeback fees to a bank. At most, it would be some payment processing fees but even that is in question. As for the chargeback fees they charge accounts, obviously those aren't a loss because they are a fee PayPal themselves made up.
Ah paypal... I've been banned by paypal for years now, after what I can only guess was... *looks at notes*... accidently logging in while my work VPN was active.
Glad to know I'm not the only one xD Though in my case, I still don't know why, and they refuse to tell me, or to actually close the account (which means they're keeping all the data on there hostage basically)
Wait... they can ban you for using a vpn? I've definitely logged in on my vpn at least once before, should I be worried?
Wait that’s a thing???!!!
My mother's paypal got banned for no reason at all, and funds with it. But then in 2022 they stopped working in Russia, so I requested transfer to bank account ...and it worked.
Since when can anyone dictate what sort of system security are user chooses to use ? Which may include a VPN. Can they also dictate whether you can physically travel ?
Every few months we get another reason to delete our PayPal accounts.
Since this can affect any business using PayPal, I sure hope that some lawyer out there is paying attention and files a class action lawsuit on behalf of all businesses using PayPal.
Paypal threatened to lock up 20K for 180 days just because we couldn't verify a user account added to the system. They wouldn't even let us remove it. Trash company, avoid.
Suppose paypal had more than a 2 week policy. At minimum, they could have sent an email reply saying "Thank you, we are looking into it. Please give us extra time."
Chargeback to all the C-suite execs 1000x each? Maybe they'll notice. Also inform the PCI
Okay, but hear me out... pull a reserve uno: scam the scammer using the exact same method! It's practically failproof.
Bank fraud is still bank fraud, even if the "bank" is fucking up massively in their efforts to prevent it. Even if some people are getting away with it now, they can easily become targets of an FBI investigation years later. If and when a crackdown happens, you do not want to be one of the parties involved.
I don't use Paypal since Louis Rossman got scammed by them.
Paypal has a long history of siding with obvious scammers. 99/100 times they'll side with the "buyer" even when the merchant has clear and irrefutable evidence that they've been scammed. I learned this the hard way almost 20 years ago and it sounds like very little has changed.
I think they just consistently side with whoever is in the wrong.
@@Spencer-wc6ew I think you missed the point of this video. They don't and they don't care enough to fix it.
This video is like watching a car crash, but instead of a car it's PayPal's reputation, and it's glorious. $1 charge to test the exploit, then a $100 fake charge-back? That's some next level scam artist hustle. And PayPal just shrugs? Maybe they're too busy redesigning their website for the 10th time this year to deal with actual problems. Someone get this man a cape, because he's become PayPal's worst nightmare
PayPal: "Theo, don't worry, we'd never close your account"
PayPal on the background: "Set that account for deletion three months from now..." lmao
I feel like we're back in the early days... SASE for VHS in the mail. Netscape or AOL? Gold in the mail for on-prem LLM and course on BluRay Set? WTF can we do? Oh no. 😱
Thx for the "teen" PayPal locking.
@4:30 with the making an account before 18 then having the money locked is an issue I faced and after 4/5 calls with them that were all over 2 hours each I gave up and avoid the SHIT company like the plague they are man. Useless.
I had the same thing but instead i did chargebacks from within my bank account on 5 paypal transactions because i didnt recognize the name (didnt say paypal). After a while i noticed my paypal account value was around -250 😂 because i did those chargebacks. They later closed my account because it was made when i was underage, i couldnt make a new account because my bank account was still connected to the disabled paypal account. I asked them if they could delete my account and they actually did. So in the end i profited a few hundred from it 🎉
I had that exact same issue with being underage back in the day. There wasn't any kind of under 13 laws when I was that age. Only became an issue with paypal once I was much older. Refused to payout, refused to close account.
Little funny side thing I saw was people saying Thor was talking out of his ass when he talked about how it's a PayPal bug. Just a little funny, cause they were the ones talking out of their ass. Probably unaware that PayPal has these features and it's not just send money get money, but I guess when met with unfamiliar concept "PayPal cart" they just decided "Nah, that's totally not real, he's bullshitting" instead of looking it up.
PayPal is stealing money themselves from artists. So this isn't surprising me.
I am glad I don't need to use services of shitty companies...
I deleted my PayPal account about a year ago because they were already doing similar things back then. I am not even surprised.
PayPal hopes to boost its growth by starting an ad network juiced with something it already owns: data on its millions of users. Appeared in the May 29, 2024, print edition of WSJ!!!
It's almost like Paypal is financially incentivized to always side with the scammers becaude _Paypal_ is the one who gets to suck up the -extortion- chargeback fee.
Also if you sign in, or access your account while on a VPN it will flag your account as fraudulent. They closed my account because of this.
What’s the best alternative to PayPal outside the US if I don’t want to use a credit card?
Debit card.
if what you mean by credit card is something like a bank card, probably one of those burner visa cards. you can pay cash to fill them up, and its not directly associated with your personal info. note that i said directly, they can still track you if they feel like it in most places.
other than that cryptocurrencies are your best bet. everything else is kinda trash. as for which currency you use, depends on what you intend to do with it. if you are accepting money i'd say bitcoin and xmr. if you are sending money i'd say just bitcoin. if someone accepts crypto, its likely going to include at least one of those two but bitcoin is no doubt way more common.
Thank you for your fast responses! Much appreciated.
The problem with debit and burner cards is you have little to no way to resolve disputes, depending on the service provider. The reason I still use PayPal is - ironically - the ability to use chargebacks if someone tries to scam me.
I’m just buying everyday products and services, so crypto won’t really help me (not accepted as payment).
@@MonsieurSansHonte hmm, yeah i got nothing in terms of payment processors like that then. odds are, something new will pop up to take paypal's spot if they don't fix it so i guess you're in luck there.
best way to avoid getting scammed in terms of buying stuff is to actually go to a major physical store. kinda hard to sell you something bad or just ghost you when you're able to inspect it yourself. stores like walmart will usually allow you to return anything nonperishable so long as you kept the receipt.
unfortunately some things you can't, for instance if i wanted to buy some general purpose microcontrollers (pico, arduino, etc) the nearest place that sells them is ~50mi away and i don't have a car lol.
amazon (no 3rd party shipping) / reputable and official vendors for stuff is second best. i live in the states, so the following may not work for you: i use digikey for electronics components, and amazon for smaller stuff not available in stores; though of course there are exceptions. one time i bought a freezer on amazon, costed ~200 usd and man 3 years later it is great.
everything else i need i make from raw material or scrap. you'd be surprised how easy it is to make many high priced things yourself. though i guess not everyone likes to do that. as for computer parts i don't have a reliable source, but they fail so infrequently that i can get by with fixing/combining the broken computers the local junkyard doesn't know what to do with. what do a gtx 1650s and a old automotive pcm have in common? apparently a lot. a giant burnt hole in the pcb meant i got it for free but evidently pcms will sometimes have exactly the same capacitors as gpus if you're lucky and sometimes they just give away their ewaste. just... don't count on the quality. bad components are very common on damaged boards test first.
@@MonsieurSansHonte If you're in EEA (EU), take a look at Revolut and Wise (I personally prefer Wise bc it's cheaper, but Revolut is more mainstream). India has NRIs, but not sure if those are the best for local residents. No idea about rest of Asia, but I believe they should have similar options so look it up.
Oh, neat, that explains how I magically had money stolen from me, and that absolutely bizarre charge on my account
good to know I wasnt the only one geting ban for creating when I was on my teens after like 10 years.... at least I dont store money on paypal I just use for payments as such I didnt lose money, but if they block my money I would defenetly take them too court, the best part is that sience I'm not in the US i dont have that BS of doing things out of court...
I don't know how I missed this two weeks ago since I'm subbed, but is there an update? Have they fixed it yet?
One bit of confusion here: seller protection isn't something that's really in play once someone has initiated a chargeback. I guarantee you're getting a chargeback fee regardless of the seller protection status. That's only useful when PayPal gets to decide between seller and buyer, not when your bank/card processor is the one deciding between you and paypal.
class action
paypal is the worse coming from a business point of view, i used paypal for a software i created and was selling but i had so many people who would sign up, pay get access to the software then complain to paypal about a refund and they will always get a refund no matter what you say, i shows screen shots of proof and yet paypal still refund the money.
Ended up switching to a new company, was getting tired of the refunds
paypal protection people ? that new loool, people always side with scammer, one time a seller has send me a rock of 80 pound instead of my item , paypal refuse to refund me until a resend the rock to the seller at my charge ( costing around 200€ )
This is what Stripe implemented last year
PayPal is not particularly great. And Darth Vader was not a very nice person.
I know this is not going to happen in USA, with all the lobbing and stuff, but I think you guys would what UPI does in India
PayPal still has the rotting stench of Musk's involvement.
Does Revolut or something like that not exist in the US - since people still use PayPal so much? 😅
Revolut exists in the US, but PayPal and Venmo (owned by PayPal) have been around much longer in NA. So many consumers just prefer buying things with PayPal to protect their credit card details that not having it as an option legitimately loses sales - thankfully with the surge of Visa/MC debit cards and Apple/Google Pay they are losing ground. PayPal was also the only accepted payment on eBay for the longest time which was a big part of how it became so dominant.
Also, Revolut launched in Canada for a year or two then withdrew for some unknown reason closing everyone's accounts. I loved them while they were here, but I think for a lot of people it's hard to trust them as a primary payment provider if they will just enter and exit markets on a whim with little explanation.
Nothing at the scale of Revolut. Revolut is very popular in the EU, but you can also just send bank transfers in the EU. Can't really do that easily (and safely) in the US.
@@itsbazyli simply USA problem. EU wins. 8-)
@@itsbazyli Damn, never thought about that... sorry for yall
So PayPal is processing data from the client browser without validating it back on the server?
What developer thought this was how you should do it. They didn't understand the framework they are using?
What is the framework?
So, any black hats down to screw up paypal with ts(on non existent account)
3:44 good Op-Sec
Got stolen 2k by paypal because my first account was open when i was 17y old.
Wait wait isn't this old? Like really old.
Forgive my bad thoughts, but I have thought of also doing something like this on Paypal.
But I don't like scamming or fraud ing people, so I don't.
But still props to the discoverer
Zelle is built into most banks now and is instant and has no fees. It's fucking amazing, fuck paypal.
Only available in the US, though :(
"In order to use Zelle®, the sender and recipient’s must have U.S bank accounts."
Take them to small claims
I am not a lawyer and this is not legal advice 😊 ✌️
Could a bunch of creators collectively turn off their PayPal because of the exploit and then do sometime a class action suit? Alternatively, could they bulk get a $1 cash back exploit from all of you and then you start the class action? Obviously the first one seriously damages your business, but that I believe is what gives you standing to bring the suit. Again, not legal advice.
I do not get it - if the hacker/buyer proceeds with the checkout of an adjusted cart, they will need to pay it, and the sole damage is then the extra fee that the damaged seller is paying on top of the charge-back to PayPal. So a 3rd person is not gaining anything, and the harmed one is a paypal user, while the beneficiar is paypal? Then sure nobody cares at paypal to fix this :D
Literally addressed in the video. You can do this to non-existent accounts. I imagine even PayPal have processing fees they have to pay to whatever payment processing they are doing.
Paypal can be hurt in 2 ways
1) The merchant stops accepting paypal, so paypal loses a customer, these things snowball pretty quickly
2) The attacker can use fake accounts that don't exist, so the chargeback has to be eaten by paypal as there is no merchant to eat the fee.
Yes. This isn't an exploit to steal and make out with a butt load of money, but rather to harass and cause monetary harm to a user of PayPal (in this case, mostly streamers that someone doesn't like) and have them go in the red.
Is it not lawsuit material?
watched an old video of yours... please never remove your mustache ever again.
oh.. ahm... and great content! really interesting stuff.
Theo's facial hair is Theo's business. Unless what you're saying is unambiguously a compliment (which it definitely is not here), that's the kind of thing where you should really only express your opinion if asked.
#lettheoshave
Paypal sucks, and they're extremely prone to censorship
I almost hate to say this, and I am so *not* a "crypto bro" nor a crypto-evangelist, but in all seriousness, a lot of the issues described here are part of what cryptocurrency would address. These centralized "money transfer companies" have really inordinate amounts of power.
Lol? Have you seen how much money crypto has lost?
@@gsgregory2022 Do you think I'm talking about investment, or about utility as a medium of exchange? Just curious.
@@gsgregory2022 Did you read the comment?
@@gsgregory2022 What does that have to do with anything? I'm not talking about investments.
@@gsgregory2022 Ah yes because we know crypto is a person who can lose money. What the hell are you talking about? Do you mean people who invest in crypto? If so, we are doing just fine, thanks for asking.
Thats not chargeback fraud. Its just trying to get the user banned
look at this upi is much better.
I don't feel bad about pirate software
Why do you keep saying they when you showed her pronouns in the first 10 seconds
People will complain about crypto and literally use and support this company.
Ah the before 18, been there haha
Cash app 2
As a contractor for PayPal... this concerns me. I hope they fix this soon cause if they go down I also go down and the developer job market right now is ROUGH
PayPal does not care. PayPal has been pulling stuff like this for YEARS, it's not news. Maybe work for a company that doesn't shut down people's accounts and steal thousands of dollars for no reason.
so stop using paypal and switch to monero
She?
Please don't call it "pwned" - hacked or exploited will do. Please.
Please don't word police. Please.
Revolut