| Pages in topic: < [1 2 3 4] > | Beware of Moneybookers: they do not refund your money when it is stolen by hackers!... Thread poster: Gaetano Silvestri Campagnano
|
|---|
| I am sorry for you Gaetano | Nov 4, 2008 |
Very sorry,
I don't know why but I never was confident about Moneybookers, it was a feeling, and now I see I was right.
Despite many colleagues recommended it to me because of the cheap fees, I always had a bad feeling.
I opened an account but never used it, like I said I had that bad feeling.
Instead I have to say that Paypal solved a big issue on my behalf, even if they had no responsibility.
Last summer my bank suddenly chan... See more Very sorry,
I don't know why but I never was confident about Moneybookers, it was a feeling, and now I see I was right.
Despite many colleagues recommended it to me because of the cheap fees, I always had a bad feeling.
I opened an account but never used it, like I said I had that bad feeling.
Instead I have to say that Paypal solved a big issue on my behalf, even if they had no responsibility.
Last summer my bank suddenly changed my Iban and the money they sent to the bank never arrived to my bank, but it was my bank fault.
The bank wasn't helpful, instead paypal managed in such a way to recover my money (in almost 2 months but they recovered it).
So... despite the expensive fees, and after your bad experience, I will continue to use paypal only.
I really hope you can solve your issue Gaetano and thanks a lot for informing us.
Good luck
Angio
[Edited at 2008-11-04 09:36] ▲ Collapse
| | | | | Thanks a lot! | Nov 4, 2008 |
Hello Angioletta
Thank You Very Much for your support and your interest in this issue.
I hope to give good news also to you as soon as possible.
Best Regards,
Gaetano
| | | | Tsogt Gombosuren 
Canada
Local time: 10:32
Member (2004)
English to Mongolian
+ ...
| Agree with FarkasAndras | Nov 4, 2008 |
FarkasAndras wrote:
stephanie45: Monebookers notified you that there were unsuccessful login attempts. How does that transate to "MB has security problems"? If someone makes a typo in their own email address that happens to be similar to yours and ends up putting in yours, that's an unsuccessful login attempt.
Of course it is far more likely that someone was trying to get unauthorized access, possibly guessing at passwords. Unsettling, but MB could not possibly prevent this in any way, ever, whatever they do. No site can. All they can do is notify you, (and perhaps block access after a given number of unsuccessful logins) and they did just that. It is quite possible that paypal or other similar sites/banks/email providers do not warn you of unsuccessful logins. Do you think that makes them safer?
To OP: there is no contradiction. I think MB may not be at fault in the transfer but is still obliged to settle the issue, simply because the transaction was not done by the owner of the account. They may not be obliged, though. Keep us posted.
Example: what if somebody steals your debit card and you had written the PIN on it with permanent marker? The thief takes money from an ATM with it, you may not get it back. I don't know.
You are getting really far off here:
"it is up to Moneybookers to protect their users' personal data that are stored in their Website, and prevent anyone to access that data, no matter if this unauthorised access is carried out with or without an attack to an e-mail account."
How would they stop someone logging in with the correct password/using the password reset procedure? Do you want them to drive over to your house and check your identity in person every time you log in? All they HAVE for verification is your email account, that is what a MB account is tied to. If someone gets access to your email they got your MB. Scary, but simple and logical.
Sorry that I'm not too supportive here, I just like to get the facts straight.
Yes and I don't think that PayPal is safer than MoneyBookers.
| | | | Oleg Rudavin
Ukraine
Local time: 19:32
Member (2003)
English to Ukrainian
+ ...
| On irrelevance... | Nov 5, 2008 |
Hi Angio,
Angio wrote: I don't know why but I never was confident about Moneybookers, it was a feeling, and now I see I was right.
What strikes me as strange is the logic:
I don't know, I have never seen a sigle film by this producer, but I never liked them anyway; it was just a feeling. Now that somebody said they are bad I see that I was right
Is it essentially what you are saying?
A while ago a friend of mine was in a more or less similar situation (with a bank card, but that doesn't matter). He argued he didn't do anything so it must have been the other party - namely, the bank - to blame for what happened.
Almost a year after that, after a lot of quarreling, threats, investiogations, after the bank refunded the amount, my friend learned - only my chance - that it was his 17-year-old son using his card.
I'm not defending MB; I'm not driving at anything; it's just that in the modern, largely electronical world, and in the modern society we are not safe. And the best way to avoid unpleasant experience is to not let it happen. With MB or any other web-based system, it's quite simple: don't keep money there! Use it for receiving money, not for keeping!
| | |
|
|
|
Rod Brookes
Spain
Local time: 18:32
Member (2008)
Spanish to English
| Apologies for the digression... | Nov 5, 2008 |
but that's odd, I was reading this thread with interest when Norton AntiVirus decided that page two of the thread was a Suspicious Web Page and blocked it. Wonder what it read that it didn't like? Doesn't happen very often.
| | | | Kaspars Melkis
United Kingdom
Local time: 17:32
English to Latvian
+ ...
| MB should take full responsibility for fraudulent transactions | Nov 6, 2008 |
Oleg Rudavin wrote:
I'm not defending MB; I'm not driving at anything; it's just that in the modern, largely electronical world, and in the modern society we are not safe. And the best way to avoid unpleasant experience is to not let it happen. With MB or any other web-based system, it's quite simple: don't keep money there! Use it for receiving money, not for keeping!
There are several good reasons why someone would not want to withdraw money immediately. Withdrawal fees is one of them. And less administrative hassle when you wait when several payments have been accumulated especially if one uses MB regularly. If the service is that unreliable that you must be afraid to keep the money temporarily then the service should be improved.
It is strange that MB cannot get back the full amount from the gambling sites if they have recognized the transaction as fraudulent. I mean, every merchant takes great risks accepting online payments that are not duly authorized, why it should be different for them?
If as a freelancer I had accepted payment from a hacked account, most certainly the bank or Paypal would have reversed it in full. In fact I recently have gotten completely legitimate Paypal payment frozen and reversed just because the payer had not confirmed his home address and did the payment while in another country. The problem was later solved amicably but Paypal's initial reaction seemed reasonable in view of circumstances. As small service providers we understand how important it is to know the client and avoid fraudsters.
There indeed appears to be suspicious symbiosis between gambling sites and MB as it is hard to imagine even more favorable oasis for cc fraud. Maybe Paypal's policy to forbid dealings with gambling sites is a right choice after all.
| | | | Oleg Rudavin
Ukraine
Local time: 19:32
Member (2003)
English to Ukrainian
+ ...
| To Kaspars Melkis | Nov 6, 2008 |
Kaspars Melkis wrote: Oleg Rudavin wrote:
I'm not defending MB; I'm not driving at anything; it's just that in the modern, largely electronical world, and in the modern society we are not safe. And the best way to avoid unpleasant experience is to not let it happen. With MB or any other web-based system, it's quite simple: don't keep money there! Use it for receiving money, not for keeping!
There are several good reasons why someone would not want to withdraw money immediately. Withdrawal fees is one of them. And less administrative hassle when you wait when several payments have been accumulated especially if one uses MB regularly. If the service is that unreliable that you must be afraid to keep the money temporarily then the service should be improved.
Safety always come at a price. So it's either keeping (and taking an additional risk) or withdrawing (and accepting the rates + admin hassle). A choice as simple as that.
It is strange that MB cannot get back the full amount from the gambling sites if they have recognized the transaction as fraudulent.
Was it ever proven that the transaction was fraudulent?
| | | | Kaspars Melkis
United Kingdom
Local time: 17:32
English to Latvian
+ ...
| still Moneybookers responsibility | Nov 6, 2008 |
Oleg Rudavin wrote:
Safety always come at a price. So it's either keeping (and taking an additional risk) or withdrawing (and accepting the rates + admin hassle). A choice as simple as that.
It is not so simple. There are consumer protection laws in place etc. In the same way as you cannot sell defective or dangerous products for extra low price, financial services are also strictly regulated in most countries. They cannot simply say that this will be a very cheap service to send money but you have to put up with a certain percentage of lost transactions due to fraud that we do nothing about. It is not possible to avoid fraud completely but there should be clear procedures how such situations can be dealt with.
Was it ever proven that the transaction was fraudulent?
The starter of this thread already confirmed that and I have no reason not to believe him. MB also made a partial refund which indicates that MB also believes that it was a fraud. The only question is who takes the responsibility? Now it is MB turn to prove that it was Mr. Campagnano's negligence that his account got hacked. It may be the case but they cannot act just on assumption. They could look into the logs but they probably show that it was done from the IP that is not even in his country.
With lately increased reports about Moneybookers incidents it appears that the problem is that MB does not ask for a security question when resetting a password. Birth date and zip code are available for most freelancers on proz.com, so that's no security in this case and MB practice is the same as sending a new password directly to e-mail inbox. E-mail was never considered to be a secure media as it travels in plain text, is stored on many servers unencrypted and backuped for a long time etc. For all I know there could be hundreds of dishonest network administrators who are exploiting this MB flaw. Looking from this perspective why MB still require https:// prefix on the logon page if their back door is wide open?
| | |
|
|
|
Oleg Rudavin
Ukraine
Local time: 19:32
Member (2003)
English to Ukrainian
+ ...
| Rectangular thinking: think dialectic | Nov 6, 2008 |
Kaspars Melkis wrote: Oleg Rudavin wrote:
Safety always come at a price. So it's either keeping (and taking an additional risk) or withdrawing (and accepting the rates + admin hassle). A choice as simple as that. It is not so simple.
Agreed
The starter of this thread already confirmed that
He said that.
It's the starter's word against MB's word.
Imagine one of my daughters (I have two, aged 21 & 22) uses my banking card (without my permission). Does it qualify as unathorized/fraudulent/hacker's behaviour?
I don't know.
Will you take sides in this situation?
In the example (my friend's) I gave, the bank refunded but it appeared to be just a goodwill gesture: the card was used with all the PIN's and CVV's in place, how could the bank detect unathorized/fraudulent/hacker's act?
The idea is as follows: be dialectic. Never blame the other party unless you have sufficient evidence it's not your own fault
| | | | | I have no children | Nov 6, 2008 |
Oleg Rudavin wrote: Kaspars Melkis wrote: Oleg Rudavin wrote:
Safety always come at a price. So it's either keeping (and taking an additional risk) or withdrawing (and accepting the rates + admin hassle). A choice as simple as that. It is not so simple. Agreed The starter of this thread already confirmed that He said that. It's the starter's word against MB's word. Imagine one of my daughters (I have two, aged 21 & 22) uses my banking card (without my permission). Does it qualify as unathorized/fraudulent/hacker's behaviour? I don't know. Will you take sides in this situation? In the example (my friend's) I gave, the bank refunded but it appeared to be just a goodwill gesture: the card was used with all the PIN's and CVV's in place, how could the bank detect unathorized/fraudulent/hacker's act? The idea is as follows: be dialectic. Never blame the other party unless you have sufficient evidence it's not your own fault
Hello Oleg
I really hope thay you are not putting in doubt Moneybookers' very clear responsibility in this situation, and the sincerity of my report, that I also described many times and in details: Moreover, I am also surprised that you still seem to have doubts, although we all have read, even in this forum, about several misadventures of our colleagues, due to Moneybookers' unreliability.
Moreover, referring to your repeated example of your friend's son, I can also assure you that I am not married and none in my home even knows what the word Moneybookers means...
Regards,
Gaetano
[Modificato alle 2008-11-06 20:59]
| | | | | The good news: it can only get better | Nov 6, 2008 |
I know MB from the time when PP was already big and ugly and MB was a startup with an excellent customer service. While growing bigger, it seems they have become more similar to PP.
I think they will either find a way back to their former excellence, or create a niche for the next newcomer. In Africa some cell phone providers offering mobile banking have already conquered the market, and I would not be surprised if they are lurking for Europe. ... See more I know MB from the time when PP was already big and ugly and MB was a startup with an excellent customer service. While growing bigger, it seems they have become more similar to PP.
I think they will either find a way back to their former excellence, or create a niche for the next newcomer. In Africa some cell phone providers offering mobile banking have already conquered the market, and I would not be surprised if they are lurking for Europe. ▲ Collapse
| | | | Kaspars Melkis
United Kingdom
Local time: 17:32
English to Latvian
+ ...
| MB weak security is a problem here | Nov 6, 2008 |
Oleg Rudavin wrote:
Imagine one of my daughters (I have two, aged 21 & 22) uses my banking card (without my permission). Does it qualify as unathorized/fraudulent/hacker's behaviour?
That would clearly be an unauthorized transaction. While normally you are responsible for the transactions done by your family members, most banks have a policy that if you press charges against them, they would treat it as a stolen card however.
Will you take sides in this situation?
I don't have to. There are policies that should be followed.
In the example (my friend's) I gave, the bank refunded but it appeared to be just a goodwill gesture: the card was used with all the PIN's and CVV's in place, how could the bank detect unathorized/fraudulent/hacker's act?
People reject their own transactions all the time. Sometimes they even honestly don't remember that they have used the card. It is a tough situation for sellers who have to prove that they indeed have purchased the goods or services. There is a reason why most online merchants will ship only to the confirmed cc or Paypal address. This way people cannot claim that they didn't buy the things they have received. It is not foolproof but it is a good measure of protection.
In your example, most probably it was the seller who was unable to prove that it was your friend who used the card so they had to return the money.
The idea is as follows: be dialectic. Never blame the other party unless you have sufficient evidence it's not your own fault
Oh, I am not a judge here. I just see that Moneybookers security model is flawed and I really wish that they would correct it as soon as possible. And I don't want any more victims among my fellow prozians, and I wish Gaetano to get back his money.
When I first read the reports on proz about mysterious MB break-ins I was equally skeptical. But now it has become a pattern that is out of ordinary. MB needs to fix it but if we just sit and accept each case as our own fault, what incentives MB have to fix it?
[Edited at 2008-11-06 23:28]
| | |
|
|
|
| Security question | Nov 7, 2008 |
Kaspars Melkis wrote: With lately increased reports about Moneybookers incidents it appears that the problem is that MB does not ask for a security question when resetting a password. Birth date and zip code are available for most freelancers on proz.com, so that's no security in this case and MB practice is the same as sending a new password directly to e-mail inbox. E-mail was never considered to be a secure media as it travels in plain text, is stored on many servers unencrypted and backuped for a long time etc. For all I know there could be hundreds of dishonest network administrators who are exploiting this MB flaw. Looking from this perspective why MB still require https:// prefix on the logon page if their back door is wide open?
This is the key point, in my opinion - all these breaches could be easily avoided if MB just required a security question. I've recounted my own experience with MB on past threads. Fortunately I had no money in my account so did not lose out financially, but it was very worrying nonetheless.
In my case, MB were not responsible for the breach - almost certainly my e-mail account got hacked and the hacker was able to take all the information needed from that. However, it would be so simple to avoid all these breaches, without any need to go apportioning the blame after the event!
(BTW, MB finally closed my account more than one month after I requested it. That is simply dreadful customer service.)
| | | | | I agree with Kaspars in full | Nov 7, 2008 |
Hello Kaspars,
I perfectly agree with all your considerations.
Thank You Very Much as well for your support and your trust.
I also hope that your wishes will come true, even if, regarding an improvement of Moneybookers, I remain very skeptical, and this is easily understandable, given all the bad reports that we have read, also apart from mine.
Thank You Again and Best Regards,
Gaetano
| | | | | Moneybookers is responsible in any case | Nov 7, 2008 |
Marie-Hélène Hayles wrote:
This is the key point, in my opinion - all these breaches could be easily avoided if MB just required a security question. I've recounted my own experience with MB on past threads. Fortunately I had no money in my account so did not lose out financially, but it was very worrying nonetheless.
In my case, MB were not responsible for the breach - almost certainly my e-mail account got hacked and the hacker was able to take all the information needed from that. However, it would be so simple to avoid all these breaches, without any need to go apportioning the blame after the event!
(BTW, MB finally closed my account more than one month after I requested it. That is simply dreadful customer service.)
Hello Marie Hélène
I think that Moneybookers is always responsible for security breaches, even when an e-mail is hacked taking advantage of the very weak password-changing procedure, that you correctly described. And some colleagues also confirmed this very clear consideration, rightly pointing out that even the deficiency of the above mentioned procedure is a big flaw in Moneybookers's security.
For this reason, I am very surprised by your post's last statement, even if also your account was hacked. In that case, you were lucky because you had no money in your account, and I am happy for you. However, I also suppose that, in case your account had not been empty, and the hacker had stolen also your money, you would have probably had a different opinion.
Regards,
Gaetano
[Modificato alle 2008-11-07 15:38]
| | | | | Pages in topic: < [1 2 3 4] > | To report site rules violations or get help, contact a site moderator: You can also contact site staff by submitting a support request » Beware of Moneybookers: they do not refund your money when it is stolen by hackers!... | Trados Studio 2022 Freelance | The leading translation software used by over 270,000 translators.
Designed with your feedback in mind, Trados Studio 2022 delivers an unrivalled, powerful desktop
and cloud solution, empowering you to work in the most efficient and cost-effective way.
More info » |
| | Anycount & Translation Office 3000 | Translation Office 3000
Translation Office 3000 is an advanced accounting tool for freelance translators and small agencies. TO3000 easily and seamlessly integrates with the business life of professional freelance translators.
More info » |
|
| | | | X Sign in to your ProZ.com account... | | | | | |
Login to reply/comment 
Translation news
