So I verified....

[jorb]

Exactly, its completely users fault if he is dumb enough to download keyloggers.

There, there. No need to swear and cuss. It is by no means established that this is what has transpired. I have had a minor instance of credit card fraud happen to myself, and not due to any error on my part.

[lonehero]

Will paypal still be an option in the future when there is another method available for payment, or will you get rid of it completely?

[jorb]

It will still be an option.

[jordancoles]

As for PayPal sucking, we're still working to get Xsolla working, but the administrative part of the process seems to be taking its time.

Not too long ago I had about $240 taken from my paypal account, if you call Paypal and explain which transactions/transfers you didn't do yourself, they will likely refund the money to your account fairly quickly over the phone after confirming your identity and whatnot... In my case, it was about 4 korean emails that they were sending my cash to, and each transaction was around $40 in the hopes that smaller amounts would go unnoticed.

Paypal isn't amazing, but I've been using it for about 7 years now and that has been my first issue.

Change your email password as well. Paypal is fairly well-known so sometimes if people get a hold of your email info they'll try it other places as well to see if the credentials are the same

[loftar]

Will paypal still be an option in the future when there is another method available for payment, or will you get rid of it completely?

Xsolla supports Paypal as a payment provider, so it will, under all circumstances, still be an option. Whether we'll continue to support it "natively" is something I'm still undecided upon. Feel free to discuss whether it would be meaningful. I, on my hand, would like it if the store page could be kept free of the complexity of having to choose payment provider (especially seeing as how that seems to be the first stage when using Xsolla), but if there are strong arguments for the other perspective, I'm open to it.

[shykamaru]

Yeah, you can get infected in many ways with no downloads involved, no need call other people dumb. The malware was probably setup to record paypal data and the haven verification was simply the first transaction you did since being infected. You should do a big cleanup in your computer and change all your passwords for important services (specially email and admin OS ones).

[jorb]

The malware

Could we avoid speculating on the status of the user's system? None of you have any idea whether it is compromised, and it certainly need not be the case.

[g1real]

it certainly need not be the case.

But I hope nonetheless that OP has done an intensive virus and malware scan to rule that out.

[bojackson]

Wasn't sure where to post this, but I had an issue trying to add time to my account. I went to add 90 days and used same info as my first month. But it said the card could not be used (debit method). Kind of vague , more info as to why it isn't working would be nice. I doubt you have control over that but just in case I figured I'd mention it.

I'm gonna try to buy a gift card from the store and pay with that tmrw. I'll let you know how it goes

[Garfy]

Right now, you need to confirm you saw this on Paypal.

If you got an email saying something like "you paid $600 click here for more info" then clicked that link, you could have been taken to a phishing website. Which looks identical to paypal, but is not paypal. In your web browser, type in paypal.com and login and look at your payments like this. Do not click any link of any kind that will take you to paypal.
While you are doing this, look at your address bar (copy and paste it if you have to) to confirm you are still on the paypal website.
Additionally, on another computer if preferable (or at a ATM machine), check the account your paypal is linked to, and see if the $600 payment is on your statement.


If you have done this, and you do not see the payment on the paypal website, what you need to do is go and change all of your passwords.

If the payment is still on your actual real verified paypal account, then chances are at some point in the past 6 months, someone gained access to your paypal account. Probably by getting your account and password. Someone who commits this kind of crime will never get your details and immediately use them, this makes the crime very easy to track. They'll have access to your account for a good few months because you're probably not going to remember clicking a suspicious link half a year ago.

Anyway, if your paypal account has been used to make a large payment, you need to contact paypal and let them know about it. Usually they'll have protection set up for this kind of fraud. You should also scan your computer for viruses, malware, rootkits and so on, and then if you know you are in the clear change all of your passwords.