PAYPAL GETS TOLD TO STRAIGHTEN UP AND FLY RIGHT....HEHEHEHE

[cueperkins]

This was sent to me by another member, and it was just so interesting.....I couldn't resist.....just because Australian media is easily 'bought off' for their silence about Ebay and Paypal....our regulators are not....hehehehe. 

PayPal agrees to strengthen systems under money laundering laws
Tuesday, 24 November 2009 10:52
James Thomson

The Australian Transaction Reports and Analysis Centre has accepted enforceable undertakings from eBay subsidiary PayPal Australia due to breaches of anti-money laundering and counter-terrorism financing laws.

AUSTRAC chief executive John Schmidt has said the company now has six months in order to clean up its act and protect its online payment system from being used by money launderers and financers of terrorists.

PayPal Australia has agreed to "strengthen its existing systems and controls" in order to comply with regulatory requirements, and submit a report to AUSTRAC detailing its compliance with the laws.

The dispute between PayPal and the regulatory body has been discussed by the two parties over the past year, with concerns raised over PayPal's ability to report illegal activities being used via its services.

AUSTRAC was particularly concerned with PayPal's monitoring services for accounts with balances under $1,000, as required by a declaration issued to the company last year.

PayPal did not ordinarily verify customer accounts before the $1,000 threshold was reached, but AUSTRAC wants verification before that point.

"The Anti-Money Laundering and Counter-Terrorism Financing Act 2006 underpins Australia's risk-based AML/CTF regime which recognises that reporting entities are best-placed to assess the risk of their customers, products and services becoming vulnerable to criminal activity," Schmidt said in a statement.

"Compliance with the Act's risk assessment requirements is crucial in Australia's fight against money laundering and terrorism financing. The acceptance of this undertaking is a clear sign to industry that they must have robust systems and controls in place to manage and mitigate the risks their business may face."

As a result of the undertakings, PayPal will now introduce additional registration data collection, electronic identity verification procedures and will ramp up its reporting activity to AUSTRAC.

"We consider the AML/CTF legislation extremely important and take all of our compliance obligations seriously. We are confident we will meet AUSTRAC's requirements," PayPal Australia managing director Frerk-Malte Feller said in a statement.

The incident is the second major dispute with an Australian regulator. Last year eBay proposed to have PayPal used as an obligatory payment system for transactions, but the idea was shot down by the Australian Competition and Consumer Commission.

http://www.smartcompany.com.au/index.php?option=com_content&task=view&id=36038&Itemid=314&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+smartcompanyallcontent+%28SmartCompany+All+Content%29

So there......

:fuzz:

[*Ubbie Max*]

Very interesting Cupie, and about time. I wonder what means Paypal will use to verify accounts. I won't register any banking accounts with Paypal, it's just too risky to let that entity have those details. I read about so many horror stories of accounts being frozen, money being taken out without the permission of the account holder etc., it's frightening.   

[cueperkins]

lmao Ubb..exactly...I won't even Join Paypal until they tighten up their security, sign the EFT code, indemnify member accounts, and stop ignoring Australia's laws and regulations....they're totally predatory and insolent...who can seriously trust that?  Read their UA...they spell it out in all their arrogance for all to ignore it seems....And I totally object to being bashed over the head and literally forced to use Paypal, when I DON'T trust it as a payment system and never have. 

......How can anyone presume to trust an entity that reverses all imaginable liability back onto the consumer, while demanding a debit authority, and offering no proactive risk management when it comes to real risk?....madness I tell ya... Who else would you sign a contract with under those circumstances?

Ubb you may recall during the rebellion, when Ebay was asked why Paypal would not sign the EFT Code (which protects consumers from Paypal's unconscionable conduct and lax security), Feiler stated that "Paypal security is equal to or better than the EFT Code"....LMAO...(or words to that effect)....I say prove it buddy...sign the EFT Code.

Needless to say, I had a feeling that the Anti Money Laundering legislation would have the effect of forcing Paypal to improve verification.....

It's so vindicating when you think back to all those ProPaypal trolls, who argued Paypal was the safest and could do no wrong........and then openly stalked and trolled anyone in opposition......

 

 

[*r3830*]

Ahhhhhh - Nostalgia, isn't it a wonderful thing! Or- is it a matter of "good things come to they who wait"!

Thanks for sharing this Cupie. 

[cueperkins]

Thank the Wokkie...always on the ball....lol.

Interesting though...Paypal have wrangled with Three Authorities, not two....ACCC, RBA/Payment Systems Board, and now AUSTRAC....what next?

You gotta ask, if Paypal/Ebay feel justified in ignoring Aussie Laws....what hope would consumers have?

[*r3830*]

I know..... AMTRAC - Tello's mob! One way ticket out of town.

[tellomon]

Is that a good thing, or, do ya just like to drop my name in all the weird places?

[*CountessA*]

This is interesting... particularly in light of PayPal's forcible holding of a percentage of funds decided upon at whim, stated by PayPal to be in light of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006.

[da_ewok]

PayPal did not ordinarily verify customer accounts before the $1,000 threshold was reached, but AUSTRAC wants verification before that point.

THis is the bit that interests me the most with this article - perhaps AND ONLY perhaps - it might catch a few more scammers - those that hit and run for say $500-$1000 - only perhaps

But anything is better than nothing

[*smee*]

See I dont get that coz I opened a pay pal account in January this year and I had to be verified before a single transaction was able to take place

[cueperkins]

Hi Wokkie.....I agree but I think there are much broader ramifications that will force Paypal into compliance....every single bank entity is having to follow these regulations, and Paypal is only barely managing to comply and that's kicking and screaming.

I think the industry itself will force Paypal into compliance, because nobody likes a cowboy.

I have a question.....Paypal fall back on bank verification, but, if someone hacks into a Paypal account and gains access to a bank account.....the EFT code will cover the bank customer.....but not the Paypal customer....sheesh..one in the same things....lmao.

How long would the banks or even insurers in this arena, continue to fork out compensation to bank account holders for the security flaws of Paypal?  or have I got this all wrong......

SMEE......When you say you were verified, what was their process of verification?

[*smee*]

I cant remember now exactley Cupie .. but I was verified , but I thought it was adequate verification ...

can I ask what you mean by hacking into a paypal account to gain access to a bank account .... I cant see how that could happen , but I dont profess to understand these things , but my process of logic would suggest that this couldnt happen and if it did then the paypal customer and the bank customer are one and the same as you said so the customer is still covered by the eft code .... arent thay ?

[cueperkins]

Bank Customers are automatically covered by EFT code...that's the point...Paypal Customers are not....it's a substandard product in terms of safety or indemnification....it's self evident.

Smee there's been so many reports on the internet of people having their bank accounts and credit cards hacked into after someone had accessed their Paypal Accounts. 

It may have changed, and without doubt there are people who understand the workings of Paypal much better than I, who have commented on this aspect of paypal..

My biggest issue with them, is their UA, their complete reversal of all imaginable liability back onto the consumer, and their refusal to sign the EFT Code.  In fact, their UA flies in the face of the EFT Code, so if they signed it, they'd have to amend their UA, indemnify account holders and STOP withholding funds.  The EFT also protects consumers from 'Unconscionable Conduct' and I'd say forcibly withholding funds would qualify for that at least.   

As for their verification....once again, I've heard it isn't all that flash and nowhere near 100pt ID required for bank account access by comparison.....Verification is at the very core of the Anti Money Laundering legislation and in fact the Fed Govt are also trialling a new 100pt electronic ID verification that is instantly cross checked with all relevant databases i.e. Births Deaths Marriages, Electoral Role, Licensing authorities, Medicare, etc etc etc.....If a red flag comes up with any of those data bases, the ID is flagged and the applicant asked for more information.....So....Verification is vital to the Anti Money Laundering legislation being in any way efficient.  If you don't know who the account holder is, how can you guarantee they are not using an account and Ebay's marketplace itself to launder money?

Obviously Austrac found Paypal's verification process sadly lacking or they wouldn't have noted 'Breaches of the Anti Money Laundering' legislation in regards to verification specifically.  I'll try to find out more on it today sometime.

Poddy, and others who use Paypal regularly, can you add something to this discussion in terms of Paypal's current verification process?  Anyone?

[*smee*]

ok , lets stay off the verification for the moment ..... Im interested in the hacking thing if someone is able to explain how that might work I would be interested to know ... For example even if I gave you my paypal account log in details ie its linked to an email address and a password so even if I gave those to you ... how could you then access my money and transfer it elsewhere without me knowing and with out being able to be traced where the money has gone .....
Now dont take me wrong wrong here I am not a Paypal lover ... I think it is a good concept if all the wrong safeguards were in place and I hate the fact that they tell lies about seller protection ... but for the life of me I find it very dificult to understand how anyone could access my money ... in that regars I think I am less lokekly to get ripped off than say the possibility of a card reading scam because all paypal transactions go through the third party holding facility .... I just dont understand how it could  happen ... would be interestrd if anyone new

[cueperkins]

Smee.....I can't give you any idea of how that's done in practice, but the internet is full of stories about this very thing.....

Let me however, express a concept to you about Paypal's UA.....They relieve themselves of all imagainable risk....including Identity Theft, Fraud and Data interception specifically....why would you think they'd be reversing that liability onto consumers if it weren't possible?.....Corporations don't attempt to contract themselves out of imaginary risk.....rather all 'Imaginable' risk.  If there were no risks, they wouldn't need a UA that specifically contracts them out of any liability now would they?   Of course, if they signed the EFT code, then it wouldn't be an issue.....they'd be totally responsible if accounts were taken over or hacked into even via phishing emails.  They'd also have to lift their game in respect to consumer safety. 

Until someone can explain to me why Paypal seek to contract themselves out of any legal obligation to account holders, I will consider them an unsafe payment product.....as you say...great concept....I wish our banks would offer us a similar product, then I'd just use that....at least I'd still be indemnified with a bank product....not so with Poopal.

[cueperkins]

This link is an American account of this issue, from a Payment Systems Professor who was hacked, but luckily he says he didn't have his bank accounts linked.....

http://ucclaw.blogspot.com/2009/09/paypal-account-hacked.html

[cueperkins]

http://forums.whirlpool.net.au/forum-replies-archive.cfm/1026031.html

An Australian account of fraud directly from her bank account....allegedly...

[cueperkins]

Crikey, this one even has instructions on how easy it is to hack an ebay account?...sheesh.....I wouldn't dare try anything like that so I can't be sure it's real...but holy heck.....what next?

http://hubpages.com/hub/Hacked-Paypal-Account

[cueperkins]

IN fact Smee....there are so many horror stories about this very subject, they're all over the net from US to UK and Oz.....

http://lists.apple.com/archives/augd//2003/Jul/msg00080.html

It seems that once into the Paypal account any link to a credit card or debit card is insecure and the crooks can just make purchases with the Paypal Account which automatically debits whatever bank account or CC you have linked....I guess that's how they're doing it Smee...

The fact that Paypal has such lax security and no indemnification of account holders, and yet they are one of the biggest targets for fraud on the net.....well...says it all really....where there's a loophole frauds will find it.....

A Question.  If someone hacks into your ebay account and buys something using Paypal......doesn't that automatically give them access to your Paypal Account?  Or do you have to log in when making a payment through Ebay's checkout system?  remember, I don't use Poopal, so I don't know this aspect....

[*smee*]

Cupie , my point is that you are no more likely to get hacked through paypal that by any other direct hacking into a bankn account

The advantage is that every single transaction through Paypal you as the account holder get emailed immediatley so you can pick it up straight away if you have been scammed ....
if some one buys something using your credit card or withdraws money from one of your bank accounts ... you dont find out till the next time you get a statement or you check your balance via the net or atm .... the bank doesnt email you details of each and every transaction as it happens

So yes it may happen ... is there any more risk of it happenening than say using an atm or eptpos machine that a scammer has attached a card reading device too ... I doubt it ......
If both happened which are you more likely to find out about first so you can take action to get reimburesed ? I would have to say paypal in this instance

and the added bonus is that if someone did hack into my paypal account and then through that hacked into my bank account ... all they can do is pay money to another paypal account they cant just pay it direct to their bank accounts and run away with it ... they have to pay it to an email address and that email address has to be linked to a bank account which pay pal would have checked out to some extent even if it doesnt comply to the strictess of verifaction processes . But if the crook then tried to transfer my stolen money from his paypal account to his bank account it takes a minimum of 3 days ...  but paypal emailed me immediatley they actually took the first step some 3 days ago so by now I would know and put a stop to it .... if I got hacked straight into a normal account not associated with pay pal or my credit card I may not know about it untilo I got and checked my statemnt or did a balance check during the course of the month and realised that there was a descrepency 

[*smee*]

any how we arent going to achieve anything here...... so lets just not go there 

[cueperkins]

No offense Smee, but it's not up to you to call a stop to discussion...whenever you don't agree...you were the one who wanted to explore it further...

Cupie , my point is that you are no more likely to get hacked through paypal that by any other direct hacking into a bankn account

Being a cynic to some degree Smee.....I'd say prove it.....I know one thing for certain, if my bank account is hacked (unlikely with current bank security)...I'd be indemnified.....big difference....

The advantage is that every single transaction through Paypal you as the account holder get emailed immediatley so you can pick it up straight away if you have been scammed ....

By the same token.... if someone makes a withdrawal or payment on my online bank account, I get an instant email from the bank.....same with the credit card......furthermore, I have a security key, so it's unlikely that anyone can now hack into my bank account, but then I don't have a debit authority with anyone, including Paypal.   this bit seems to be the weak link....connecting it to Paypal....for instance Ubb....why won't you link your account to Paypal?  think it might not be secure?....hands up everyone else who doesn't link accounts to paypal for the same reason?.....

You ask what can they do once into your paypal account?  Do you realise how many sites take Paypal now? and with a debit authority attached, it's instant....only at the bank end can you really stop it after the fact....(anyone ever gritted their teeth trying to get rid of a debit authority?).....lol.......You have to close your account to get rid of it.....been there, done that........just saying.....Someone might make an expensive purchase, pick it up the same day and bobs your uncle....you're done like a dogs dinner.

[*smee*]

A Question.  If someone hacks into your ebay account and buys something using Paypal......doesn't that automatically give them access to your Paypal Account?  Or do you have to log in when making a payment through Ebay's checkout system?  remember, I don't use Poopal, so I don't know this aspect....

why would some one go to all this trouble ??? if they did that I would get the stuff they bought .... sellers must post to the address attached to my pay pal account ...
If they happened to log into my eBay account yes they could pay with my attached paypal a/c but they wouldnt get access to view my pay pal account coz they need that pass word .... also if they did happen to hack into my ebay account and buy something and pay with my paypal account . I would get an email from ebay saying I had purchased something , It would also appear in my 'my ebay section' , I would also get an email from pay pal confirming that I had just made a purchase using my pay pal account, I would alsomore than likely   get an email from ebay and the seller advising that payment had been made and item posted   and as I said on top of all that the seller is obliged to send the item to my address .... So I am pretty sure I would know prompytly something had been purchased using my accounts that wasnt by me .

[*CountessA*]

A scammer typically changes the password, email address, etc., for the PayPal account.

Then he spends up big, using the PayPal account owner's bank account or credit card.

What happens when the customer finds out, and finds that his bank account has been debited? That's what people generally mean when they say they've been "hacked". It's not really the correct term, because their bank account hasn't been hacked - it's their PayPal account which has been hacked. However, this gives the hacker ACCESS to the bank account via PayPal.

For the owner of the PayPal account, it's not so bad if the credit card was used. He's protected by the EFT Code of Conduct; he'll be reimbursed, assuming he gets on to his c/c provider as soon as he notices something amiss, and informs PayPal as well to prevent any further depredations on his account. However, I'm not so sure about what happens if a customer finds his bank account has been accessed via PayPal. Will he be reimbursed? Not by PayPal, I think... (please correct me if I'm wrong). What if the hacker transfers money from the attached bank account to the PayPal account within PayPal, and then transfers that as a "gift" to another account? Who's responsible? Who will repay the unfortunate fraud victim?

Your mission, should you choose to accept it, is to find out what happens in these instances. Assume that the perpetrator cannot be located and the money cannot be retrieved from the scammer/hacker.

[*smee*]

No offense Smee, but it's not up to you to call a stop to discussion...whenever you don't agree...

I wasnt calling a stop to discussion in general Cupie ... I was calling a stop to discussion between you and I as I thought we werent going to achieve anything

[gr8-expectations]

in terms of HOW they can access the bank a/c through paypal, a hacker would use the "add funds" option and the bank or credit card as the funding source I guess? So really this back door way into a bank account would be far easier in terms of perpetrating a fraud than trying to hack into the highly secure online banking sites

[gr8-expectations]

they would then (after receipt of the cleared funds from the victim's bank account linked to their Paypal) add a new bank account in paypal and transfer the money out to that account, the trail would be obvious to investigators (later) but by then the "horse" would have bolted and the fraud complete

[gr8-expectations]

the "added" account being a transient one for the purposes of the fraud

[gr8-expectations]

OR put up a bogus item on ebay through their ring of accomplices or themselves under another ebay ID, BUY the item(s) for an overpriced or fair value and pay for that item using the "hacked" paypal account funded by the victim's bank, no trail as such, no bank details provided, harder to track etc....

[*CountessA*]

Likelihood of having a PayPal account hacked in comparison to having a bank account hacked - significantly higher.

I'll explain why.

Online bank accounts have an unknown user name (login name), and are required to have a fairly strong password. On most online bank sites now, the password is entered not by typing (inherently quite hackable), but by clicking onto the letters and numbers on the screen.

Compare to PayPal - your login name is your email address, for goodness' sake! And the password is not required to be strong. In fact, most PayPal users like the "ease" of use of PayPal - because the password can be very simple and easily remembered. I.E., very easily hacked. VERY easily hacked. Also bear in mind the PayPal password is typed in, and in some cases I've even heard of people foolishly letting it be REMEMBERED by their browser. It boggles the mind to know how insecure that is.

Online banking sites also have high state-of-the-art SSL.

Compare to PayPal - well, apparently they also have state-of-the-art SSL.

Online banking sites have employees who are subject to Australian financial regulatory and criminal laws.

Compare to PayPal - most of those employed by PayPal are not even IN Australia, and much of the work is known to be outsourced. Security and discretion with employees? Not convinced...

[*smee*]

Your mission, should you choose to accept it, is to find out what happens in these instances. Assume that the perpetrator cannot be located and the money cannot be retrieved from the scammer/hacker.

a good mission suggestion ... one well worth investing some time into ,
unfortunatley from today onwards until mid to late December I am flat out with commitments and then Christamas is upon us .. But I will certainly check into it thoroughly once things have settled down for me early in the new year if someone reminds me ... unless some one else has the time and inclination to do so prior

[*CountessA*]

Whichever one of us (or however many of us) can spend a bit of time on this, it would be a good thing to follow up.

With knowledge comes ... er... knowledge.

[*Yibida*]

A scammer typically changes the password, email address, etc., for the PayPal account.

Then he spends up big, using the PayPal account owner's bank account or credit card.

What happens when the customer finds out, and finds that his bank account has been debited? That's what people generally mean when they say they've been "hacked". It's not really the correct term, because their bank account hasn't been hacked - it's their PayPal account which has been hacked. However, this gives the hacker ACCESS to the bank account via PayPal.

For the owner of the PayPal account, it's not so bad if the credit card was used. He's protected by the EFT Code of Conduct; he'll be reimbursed, assuming he gets on to his c/c provider as soon as he notices something amiss, and informs PayPal as well to prevent any further depredations on his account. However, I'm not so sure about what happens if a customer finds his bank account has been accessed via PayPal. Will he be reimbursed? Not by PayPal, I think... (please correct me if I'm wrong). What if the hacker transfers money from the attached bank account to the PayPal account within PayPal, and then transfers that as a "gift" to another account? Who's responsible? Who will repay the unfortunate fraud victim?

Your mission, should you choose to accept it, is to find out what happens in these instances. Assume that the perpetrator cannot be located and the money cannot be retrieved from the scammer/hacker.

==================================================================================

Countess is correct, quite a few years ago when I first started using Obey and was not aware of the peril's of clicking links in emails my Obey account was hijacked, I first noticed by the amount of questions I was receiving about laptops and cameras I apparently was selling ! I counted over 100 laptops and the same amount in cameras, I contacted ebay live help and told them what had happened and they removed all the listings and disabled the current password so I could reassign another password, { I noticed the same morning it happened so no one had won or paid for any items } once I regained control I looked in my settings, they were all changed ! third party authorizations - password - notifications - two emails / one mine / one other ? and others I don't remember now, I got to relaxed with security, it has only happened the once, funny how you learn very quickly all about online security when you've been bitten, with the applications I use now there's more chance of me winning the lottery than my network being breached....  

[gr8-expectations]

yibby it would be good if you have time later to start a thread listing the software and other security provisions that people can use to protect all their paypal and ebay accounts

good input, as you say until you experience it yourself you dont realise the extent of what they can achieve with a hacked account and the damage possible

[*wheels*]

from the PayPal News board on eBay AU

http://forums.ebay.com.au/topic/Paypal-News/Information-Regarding-Paypal/600125597#1258691891123

The identity verification request does not mean that there is illegal activity occuring; it simply means that an account has been identified as requiring additional review or verification or the account has reached the designated transaction level to require identity verification.

..

These laws impact all financial institutions including PayPal Australia which is subject to similar regulations as Australian banks (such as Westpac Bank, ANZ, National Australia Bank, Commonwealth Bank etc). The only difference between banks and PayPal is that PayPal does not have branches so is unable to validate your identity face-to-face.


I don't understand why ALL PayPal users are not verified on opening an account. This can easily be done online in a matter of seconds. I have an ING Direct account - no Bank branch, all transactions are done online - and verification was required on opening. I had to supply name, address, TFN etc and verification was done almost immediately.

[*Yibida*]

yibby it would be good if you have time later to start a thread listing the software and other security provisions that people can use to protect all their paypal and ebay accounts

good input, as you say until you experience it yourself you dont realise the extent of what they can achieve with a hacked account and the damage possible

Gr8 to see you...pun intended... tess has already done that, outlined online security procedures here somewhere, I'm sure I read it .... { NO splut for you ! ~ splut nazi...LOL }

[Roo]

Countess is correct, quite a few years ago when I first started using Obey and was not aware of the peril's of clicking links in emails my Obey account was hijacked, I first noticed by the amount of questions I was receiving about laptops and cameras I apparently was selling ! I counted over 100 laptops and the same amount in cameras, I contacted ebay live help and told them what had happened and they removed all the listings and disabled the current password so I could reassign another password, { I noticed the same morning it happened so no one had won or paid for any items } once I regained control I looked in my settings, they were all changed ! third party authorizations - password - notifications - two emails / one mine / one other ? and others I don't remember now, I got to relaxed with security, it has only happened the once, funny how you learn very quickly all about online security when you've been bitten, with the applications I use now there's more chance of me winning the lottery than my network being breached....  

Yibs and Gr8 have pretty much given a good insight into how this all works.

Believe it or not...my Ebay account was hijacked many years ago now....which inadvertantly led me to find Redeye's Hijack Hunter thread.

Long story cut short....Over the years I have found that Hijackers have specific targets usually...those that are casual users...and very rarely check their Ebay accounts...let alone their emails!

And, also, high volume sellers that may miss strange emails and don't have a chance of checking their listings properly.

People that check all their business regularly will usually catch out anything untoward happening....but the hijackers take that into account too...by insisting that people pay off site or immediately....and then they cross their fingers hoping they get the dollars in their hand before anyone catches on.

For high value items, they only need to snare one buyer that pays quickly....and their time spent on the scam is worth it to them.

It's not rocket science...the crooks just rely on people being gullible and trusting....and not questioning if anything seems a bit strange.

And Ebay is full of people like that unfortunately.

[*CountessA*]

What?

Wheels, reading your quotation from what PayPal say, I am gobsmacked.

The only difference between banks and PayPal is that PayPal does not have branches so is unable to validate your identity face-to-face.

This is so very untrue that it leaves me gasping. The ONLY difference between banks and PayPal is that PayPal does not have branches? Really? Is that so? I think the RBA would be most fascinated to read this statement. I think ARFR would be fascinated, also. Let's not discuss the real differences, then...? How about the really BIG difference? That PayPal is not a signatory to the EFT Code of Conduct?

AAAAGH! That is a grossly, grossly, GROSSLY misleading statement.

Join me in a moment of gobsmackery. Please... 10 seconds' silence followed by a primal scream?

[cueperkins]

*Primal Scream Mode*......Engaged....

[*CountessA*]

I... think... we can stop screaming... *head is ringing*

[eBuster]

Someone posted in the UK palpal forum that paypal took money from their bank account long after they had closed the paypal account and what realy upset them was they could nothing about it.

Thats the way it is in the UK where the FSA has an excuse for not investigating eBay/Paypal because it's not a bank, it's not an auction house and they are registed abroad.

facts are eBay has some friends in high places and beleive me this includes the UK police.

A leaked email sent to victims of an Ebay fraud has once again exposed the woeful lack of police resources devoted to solving e-crime. The email reveals:

A single police constable is leading an investigation into crimes totalling tens of thousands of pounds
A complete lack of co-ordination between different police forces

That Ebay has "a big problem" with a hijacked account scam being perpetrated across the UK
 

PC Pro reader, Andrew Holder, contacted us after police failed to act on his report of Ebay fraud. He paid £600 for electrical equipment that never arrived. "I phoned the police in Belfast, where the seller listed himself, but they said I should report the case to my local station, which I did," he says.......................................

More details http://www.ebuster.co.uk/Police.aspx



Doing nothing is not an option.