PayPal accounts compromised over 16 months; No response from eBay | The Industry Standard

Online payment service PayPal has had an exploit on its hands for at least 16 months and counting, and seems to have no resolution for it.

A tipster forwarded us screenshots of the fraud, which involves a dummy subscription service to PayPal's sister company Skype, all part of the eBay corporate family. Using the fake Skype subscription, several small charges are made against a PayPal account, all in the same dollar amount.

The first mention of the exploit by a media outlet seems to have been an article in The Register back in June, but complaints on consumer boards like Complaints Board show the problem going back even farther, and a tech column in the Orange County Register appears to show the same problem back in June 2007, with PayPal and Skype reps saying at the time it was the first they'd heard of the problem.

As you can see from the screenshots we received, the phony subscription includes what appear to be Chinese characters in the Billing Description field, and all links are dummy links in the sections for logging back into the PayPal account and reporting errors. In addition, the email address for the "seller" is listed as "unavailable."

PayPal was quick to reverse the charges, but our tipster also had to cancel the credit card account, and PayPal offered no explanation for the problem.

A request made by The Industry Standard to eBay regarding the issues did not receive a reply.