by m-ee 1397 days ago
The past week I've received two invoices for "bitcoin" in my rarely used PayPal account. More deviously, the notes for the invoice contain the phone number to a fake PayPal support center run by the scammers. So if you were savvy enough not to pay the invoice they might still steal your info when you call to dispute.

There's no way to report it through their website, because it's not a completed transaction. I didn't feel like waiting on hold so I sent a chat message and forwarded the email to phishing@paypal. One invoice still remains in my activity but says "no longer available" when I click on actions.

Already had me more paranoid about their security and now this comes out. My account still seems to be password + SMS thankfully.

EDIT- I didn't know you could even set up TOTP. Last time I used PayPal, SMS was the only option for 2FA.

1 comments

>EDIT- I didn't know you could even set up TOTP.

For a long time you couldn't. They supported Symantec's app, which was TOTP but obfuscated. So for a long time, you had to extract/reverse engineer the seed from the Symantec app.