[HN Gopher] Ask HN: What's the deal with random people sending m...
___________________________________________________________________
Ask HN: What's the deal with random people sending me money over
PayPal?
From time to time I get emails from PayPal stating that someone
sent me a small amount of money (always an odd number, between 5
and 21 Euro), and that I should register to claim this amount. It
is obviously a scam, because - I don't know the senders - It's to
an email address I no longer use and that gets spammed frequently
- It's from a PayPal affiliate in the country of the email domain
(I no longer live there) What is the game here? Is it to confirm
my email address is real? Will they claim the money back? Or would
I become a money laundering mule when they ask me to send the money
back to a different account? I just can't come up with anything
that sounds remotely profitable to me.
Author : ano-ther
Score : 65 points
Date : 2023-06-03 18:26 UTC (4 hours ago)
| djaouen wrote:
| [flagged]
| [deleted]
| JadeNB wrote:
| > These are psychopaths who want to harm non-psychopaths
| because that is how they get their sexual thrill.
|
| What?
| Animats wrote:
| PayPal supposedly has a "refuse payment" button, but it works
| differently for "verified" and "unverified" accounts.
|
| Now, if this was a bank to bank ACH transfer, the recipient could
| just refuse the credit. There's an error code for this situation:
| R10: "Customer Advises Originator is Not Known to Receiver and/or
| Originator is Not Authorized by Receiver to Debit Receiver's
| Account".[1] You can contact your bank and refuse an incoming ACH
| transaction, which will generate this.
|
| This is different from sending money back. It says to the banking
| system that the transaction was rejected and did not complete. So
| you're not sending the unknown originator _your_ money. You 're
| refusing to take _their_ money. This eliminates the possibility
| of a reversal from their end costing you money. It also marks the
| transaction as an error in the banks at both ends. This is
| useful, because many errors on an account are an alarm condition
| and will get the attention of some fraud department.
|
| If you have to reverse a transaction, do it fast. There are time
| limits for the simple paths.
|
| (A friend of mine runs a bank branch of a major bank. Much of her
| day is spent straightening out error situations like this.)
|
| [1] "https://www.nacha.org/rules/differentiating-unauthorized-
| ret...
| ranger_danger wrote:
| What if the recipient transfers the money to their bank account
| immediately?
| diordiderot wrote:
| In the USA there is no such thing as transferring money
| immediately between banks
| mastax wrote:
| Not until FedNow in July, at least.
| chasil wrote:
| Tangential story...
|
| I had a Northwest Airlines VISA card in the early 2000s.
|
| One day, I noticed a USD $6,000 deposit. I sent a message to
| customer service that something was wrong.
|
| The next day, I noticed a $5,800 withdrawal. At this point, I
| called customer service.
|
| They removed the deposit right away, but I had to engage
| repeatedly to get the withdrawal off my statement. I think this
| involved some kind of written statement.
|
| I've also had Discover call me, asking if I ordered a $1,200
| television off Newegg, and they sent me a new card when I replied
| that I did not.
|
| I have no idea what happened in either case.
| postalrat wrote:
| In the case of the television id guess someone used your card
| number to place an order and the transaction got flagged.
| tetrep wrote:
| I don't have any experience with this, but maybe they found a
| store or something that they could use to get a refund to a
| specific card and they used your stolen debit card info to get
| the refund and then proceed to spend it all hopefully before
| the card holder notices.
| rmdes wrote:
| I've had requests payments instead, which I obviously deny
| everytime.
| reaperman wrote:
| Sometimes people send money to me accidentally over PayPal. I've
| had great difficulty getting PayPal to return the money, never
| succeeded. Always been afraid to send it back myself in case the
| original transfer ever gets clawed back. So I'll just have an
| extra $200 sitting in my PayPal account that I can never touch.
| Wowfunhappy wrote:
| Surely, there should be some reasonable amount of time (maybe
| 2-3 years?) after which you can safely consider the money to be
| yours? Especially if you made a reasonable effort to return it.
| ftxbro wrote:
| these are AI agents of decentralized autonomous organizations
| that are trying to squeeze their way through tiny cracks in the
| protections that guard the legitimate human economy
| rocketbop wrote:
| I assume they will claim a mistake transfer if you claim and ask
| you to send it back to another account.
|
| It's a small amount of probably fraudulent money, but small
| enough that you might just do it. And I guess the hope is enough
| people do to make it add up to some good recurring income.
|
| Would love to hear if there's more to it than that.
| orangepurple wrote:
| I had the PayPal sender email and message me dozens of times
| begging me to return the money when it was sent in error.
| ($990)
| xattt wrote:
| "I don't see any errors on my end, perhaps you want to take
| it up with customer service."
| Simulacra wrote:
| I would just keep the money
| XitN wrote:
| I have never had the problem of random people sending me money,
| UncleEntity wrote:
| The things you learn on the YouTubes...
|
| It probably is a scam where they try to get you to let them log
| into your bank account and "accidentally" transfer too much money
| which you can conveniently return to them with gift cards. Or
| some variation on the theme.
|
| There's also some PayPal invoicing scam going around where they
| send random people bills through PayPal and use that to get the
| scam rolling.
|
| If it were me I'd just ignore it unless they are sending real
| money to you, in that case I'd just consider it a stupid tax and
| keep the money after a while (in case of chargebacks).
| wyldfire wrote:
| In the past this has happened to me because I have a
| "givenname.surname@gmail.com" email address and a relatively
| common name. The other people frequently misspell or forget their
| email address and end up with mine. I get occasional money sent
| via paypal but also all kinds of other email. I get a pretty
| clear indication of which companies don't bother with an email
| verification step.
|
| At one time (may still be the case?) someone created a Facebook
| account with my email address and I was able to click on a link
| and be logged in as them.
| shortcake27 wrote:
| I have the same issue with Facebook - someone somehow is using
| my email address and I frequently receive login notifications.
| I contacted Facebook a few times and nothing happened. Now
| their contact form forces me to provide my DOB to submit a
| request. What does my date of birth have to do with someone
| using my email address? I've been considering logging in as
| this person to remove my email from their account, but I'm
| pretty sure this is fraud.
| [deleted]
| dabinat wrote:
| I'm in the same boat, although it hasn't happened with any
| financial transactions yet. I get numerous emails that appear
| to be genuine - my (non-existent) Subaru is apparently
| constantly in need of service, and I supposedly work for a
| school in a different country.
|
| I eventually had to register for Instagram just to stop one
| person from constantly signing up with my email address.
|
| It boggles the mind though, because I can't recall an instance
| in which I've ever mistyped or forgotten my own email address.
| How are people getting their email address wrong so often?
| plagiarist wrote:
| It's unfortunate that there's no legally required email
| confirmation before a company is allowed to spam you
| regarding someone else's transactions.
| NikolaNovak wrote:
| I'm a paranoid nerd enough that this was an actual conversation
| I had with my wife - should we give our kids a name combination
| unique / obscure enough to mitigate the risk?
|
| What drives me _insane_ is that 99 % of companies send "please
| confirm your email address"... And then have NO link to say
| "that's not me!". You can click for positive confirmation but
| you can click for negative confirmation. And they keep the
| account even though it's unverified email. Even though I never
| verified the email, I'm subscribed to ridiculous amount of
| Financial, retail and other services throughout Europe due to
| this issue (people inadvertently subscribing with my email
| address).
| Eduard wrote:
| Kinda weird, considering the whole idea of _double opt-in_ is
| to only start spamming you once you actively consent via
| e-mail action
| xp84 wrote:
| Personally I think a non-unique name is best for security
| concerns, all things considered. You don't want one ex-
| boyfriend or whatever to be able to find every last trace of
| your online existence, trivially, for the rest of your life,
| just by knowing your name. It is better that it's going to be
| mixed in with tons of chaff from all the other Greg Jacksons
| or Catherine Williams (or whatever the applicable culture's
| normal names are).
| zimpenfish wrote:
| > And then have NO link to say "that's not me!"
|
| I add those destination email addresses to the system filter
| as a hard reject. I assume the other end will get the message
| eventually.
|
| Even having a "it's not me" link doesn't always help if they
| use a different email each time - for a while, I was getting
| 3-5 Russian Instagram "confirm your email"s a week and the
| "it's not me" made no visible difference.
| rationalist wrote:
| Sounds like spam, I would mark it as such.
| NikolaNovak wrote:
| The email bothers me a little.
|
| What bothers me a lot is that there's an active account
| attached to my email address with dozens of companies I did
| not choose to engage with. It as astonishing how few
| companies allow you to disavow an account created with your
| email (practically none. I don't have an instagram myself
| but my email account does.)
|
| Marking their emails as spam just means I will no longer
| know what's being done "in my name" (with my email
| address). It doesn't aftually solve an issue in any real
| way.
| Aulig wrote:
| I've read that the scam is that they will ask you to send the
| money back. If you do, you'll be out of the money because the
| money they sent you will disappear after a while because Paypal
| pulls it back (probably because they sent it to you from a stolen
| credit card or something like that)
| tlavoie wrote:
| We've had a variation of this attempted when trying to sell a
| vehicle online. The scam is not specific to the item being
| sold, because they have no intention of picking it up. Rather,
| you are sent a realistic Paypal money transfer notification,
| and are asked to put most of it (since the amount is higher
| than the purchase price) into some sort of Moneygram transfer
| "for the person who will pick it up."
|
| Paypal has an email listed on their site, IIRC, where you can
| send these, and it will tell you if it really came through
| them. Ours had not.
| coffeebeqn wrote:
| Some of them are also not actual PayPal links they're just
| phishing emails that'll steal your credentials if you click
| through and try to sign in
| ano-ther wrote:
| Thanks. There must be quite an operation behind this then to
| make it viable.
|
| Input: stolen credit cards, email addresses to send to, email
| addresses for opening a PayPal account.
|
| Attrition: credit card gets blocked, PayPal email gets blocked,
| recipient doesn't react or doesn't send the money back,
| recipient won't fall for it twice.
|
| 5 Euro per successful attempt -- 200 successes per 1000 Euro
| (minus the cost for acquiring credit cards and email addresses)
| -- sounds like a low margin business.
| grepfru_it wrote:
| Google "PayPal duplicate money trick". People are actively
| sending money from their own account to PayPal, claiming it
| fraud and doubling their money. They don't care if they get
| locked out if they make $500-$1000. Change the input from
| their own money to a stolen PayPal account. It's a payday for
| them (that eventually comes back to haunt them)
| xp84 wrote:
| When your time is cheap, making a few bucks a day scamming
| probably beats working all day carrying bricks or working in
| a diamond mine, or whatever.
| jrockway wrote:
| I think the key to this scam is to send fake emails
| pretending to be paypal. So you email someone "hey i
| accidentally sent you money, can you send it back" and then
| you also send from your paypa1@gmai1.com email address
| something like "so and so sent you money on paypal, spend it
| right now wow this is amazing". Paypal is never actually
| involved until you send them money.
|
| (I think these are all Zelle scams these days. I don't really
| know what Zelle is, but it seems like all the banks got
| together and were like "how can we really screw over our
| customers?" and this is what they came up with. You really
| can't reverse transactions? Why would I use a bank for that
| when I can easily lose all my money to scams with Bitcoin?
| It's so crazy to me.)
| kmoser wrote:
| With great power comes great responsibility. Non-reversible
| transactions are dangerous in the sense that you can't
| reverse them, but that's the case with cash (not to mention
| handing over physical goods). But it cuts both ways: it
| means if somebody pays you what they owe you, there's no
| way for them to claw it back later.
|
| tl;dr Want a permanent transaction? Use cash or Zelle. Want
| the ability to reverse a transaction or dispute a charge?
| Use a check or credit card.
| Waterluvian wrote:
| I had a similar fraud that PayPal is somewhat complicit in
| because how how their system works:
|
| I get an official PayPal email. But it's on behalf of a vendor
| who is asking for money. But they've carefully crafted the
| request to look like a receipt. As if I've already paid $300 for
| textbooks and this is my receipt. But just a few unwitting clicks
| and I'll have accepted the transfer request.
| shortcake27 wrote:
| I have been getting a few of these per week for the past couple
| of years. It's really frustrating as the payment request comes
| from PayPal so won't be flagged as spam, and there's no way to
| "unsubscribe" because you get the email whether you have a
| PayPal account or not. I keep forwarding them to
| phishing@paypal.com and nothing happens. At this point, I would
| definitely consider PayPal to be complicit.
| rvba wrote:
| I dont understand why the courts dont treat this as fencing,
| or wire fraud.
| plagiarist wrote:
| For every email, I would send an abuse complaint to the
| registrar on their whois lookup, which right now is
| Markmonitor [0]. I have done this to get one spammy website's
| emails shut off before, when they weren't including
| unsubscribe links. Of course they were back on their same
| bullshit weeks later, but I was able to unsubscribe
| successfully.
|
| IDK, maybe PayPal is too powerful or whatever they're doing
| here is technically legal, but it is worth a shot.
|
| [0] https://www.markmonitor.com/legal/abuse-policy
| millzlane wrote:
| Data is everything in 2023. Paypal absolutely knows exactly
| how much money they are getting from these types of emails.
| It shouldn't be much work to find that in their sent folder.
| NoZebra120vClip wrote:
| PayPal makes it absolutely simple for anyone to generate an
| invoice. I sent a package to my friend out of state, and I
| invoiced him for the shipping charges just as a lark, and he
| duly paid his bill. We'd pre-arranged it all, so everything was
| legitimate, but all I needed was his email address.
| [deleted]
| bravoetch wrote:
| Common scam format. Convince recipient to accept money, claim
| over-payment or accidental payment and ask for refund. Sender
| then claims account is hacked / check stolen etc and claims a
| clawback via bank or paypal etc.
|
| The UK wedding photography industry has a version of this where a
| potential client sends a check for the deposit, and it far
| exceeds the amount required for the booking. They say the mistake
| is because they were supposed to book flowers etc and ask you to
| transfer the difference back asap. A year later it turns out the
| check was stolen or fake and the deposited funds vanish from your
| account and the culprit is long gone. It's fun to have them send
| the check, then pretend the police are now involved since you
| tried to deposit it.
| haunter wrote:
| I wish random people would send me some money
| AH4oFVbPT4f8 wrote:
| What's your PayPal address?
| Gualdrapo wrote:
| I wish I had PayPal
| mrweasel wrote:
| No you don't.
___________________________________________________________________
(page generated 2023-06-03 23:01 UTC)