Well, it finally happened. I have one email adress and one paypal account that I use for all of my mystery shopping....keeps it separate and far easier to reconcile....but beginning five days ago I started receiving dozens of Chinese scam emails every day,...and...my paypal account was hacked, as well. I don't know which MSC is respsonsible (I am thinking IPSOS: My fake middle initial that I only use for IPSOS is showing up in the Chinese scam emails) but I know it was not Paypal. Fortunately, I have held firm to the IPSOS/Ath demand for a photo ID.. so no one has my photo. I am out about $250.00, but will try to retrieve that via the Paypal system (Yes, I am not holding my breath). Changing everything email and paypal related is a chore!

Edited 1 time(s). Last edit at 01/19/2020 02:16PM by salisburync.

I started getting scam emails after the i Secret Shop platform got hacked. I got one that said I had to pay $$ or else all my account info will be published or something like that.

Sorry this happened to you.



Edited 1 time(s). Last edit at 01/19/2020 05:39PM by kimmiemae.

How do you think they hacked your PayPal account? Did you use the same PW for IPSOS and a PayPal?

I too try to stick to one basic password for places that are not directly related to money access like mystery shop companies and a different email password for places where I have money accts like banks and investment funds and paypal. For years I have read the advice to use different passwords. I use a password manager which would make it easier but still did not make the advised changes. Recently I decided to switch to using Chrome instead of Firefox and my password manager pops up every time telling me my (non bank type)password was compromised. I ran a search and it turned out that linked in was the place where my password was compromised.
In any case I decided it is way past high time to do away with two passwords. It has not been that difficult. Every time i sign on to a site using my passwords in the cloud manager (Last pass) that tells me my pw has been compromised I just change the password on the site i just opened. One by one when I use a site I have quickly changed about 15 pw in just a few days. I use what i hope is an easy to remember formula.
On top of everything else I worry that Last Pass will be hacked someday. I am assured by my not old enough yet to be wary of all things and still trusting everything son who is a computer expert is correct that it can not be hacked. Keeping my fingers crossed and hoping a password manager is safer than having only one pw for everything. I hope it is.

It was an unauthorized charge so PayPal has to reimburse you the hacked funds. They will give you a provisional credit until they perform the investigation.

Stay on them.

@salisburync wrote:

Well, it finally happened. I have one email adress and one paypal account that I use for all of my mystery shopping....keeps it separate and far easier to reconcile....but beginning five days ago I started receiving dozens of Chinese scam emails every day,...and...my paypal account was hacked, as well. I don't know which MSC is respsonsible (I am thinking IPSOS: My fake middle initial that I only use for IPSOS is showing up in the Chinese scam emails) but I know it was not Paypal. Fortunately, I have held firm to the IPSOS/Ath demand for a photo ID.. so no one has my photo. I am out about $250.00, but will try to retrieve that via the Paypal system (Yes, I am not holding my breath). Changing everything email and paypal related is a chore!

I started using the 1Password manager a couple of months ago. I'm doing the same thing as you and changing passwords as I happen to go to the sites. However, there's something about the Sassie websites that confuses the program. If you look at their URLs they are very similar, and I wonder if that is the issue.

@sandyf wrote:

I too try to stick to one basic password for places that are not directly related to money access like mystery shop companies and a different email password for places where I have money accts like banks and investment funds and paypal. For years I have read the advice to use different passwords. I use a password manager which would make it easier but still did not make the advised changes. Recently I decided to switch to using Chrome instead of Firefox and my password manager pops up every time telling me my (non bank type)password was compromised. I ran a search and it turned out that linked in was the place where my password was compromised.
In any case I decided it is way past high time to do away with two passwords. It has not been that difficult. Every time i sign on to a site using my passwords in the cloud manager (Last pass) that tells me my pw has been compromised I just change the password on the site i just opened. One by one when I use a site I have quickly changed about 15 pw in just a few days. I use what i hope is an easy to remember formula.
On top of everything else I worry that Last Pass will be hacked someday. I am assured by my not old enough yet to be wary of all things and still trusting everything son who is a computer expert is correct that it can not be hacked. Keeping my fingers crossed and hoping a password manager is safer than having only one pw for everything. I hope it is.

I have an issue with the IPSOS website as both of the websites had the same password. In my password manager tho I identified their shopmetrics site with the name of the shop I do for them most and the sassie site with the name of GFK first which is the original company before they came under IPSOS. Hopefully that will help the issue of my clicking on the wrong one. I do not have any issues with unrelated Sassie companies with Last Pass but with those I also identify the name of the company in my "name" for the website. So if I look for the login for lets say the Sassie IPSOs I just search for GFK Ipsos and it pops up and goes to the right one. I think having different passwords for each Sassie company may end the confusion your password manager has.

Edited 1 time(s). Last edit at 01/20/2020 06:43PM by sandyf.

Can't hackers get in via wifi networks or some sort of back door? I mean to say that maybe it was not the fault of the MSC or PayPal but that some hacker got into your own device or network and gleaned the info. I don't know much about it but it seems like there are more ways to get hacked than most of us can even imagine.

I like Norton Anti-virus. They now include a free password manager and free VPN. And a forum member pointed out the good deal on Amazon for a renewal price. Win Win Win.

@salisburync wrote:

Well, it finally happened. I have one email adress and one paypal account that I use for all of my mystery shopping....keeps it separate and far easier to reconcile....but beginning five days ago I started receiving dozens of Chinese scam emails every day,...and...my paypal account was hacked, as well. I don't know which MSC is respsonsible (I am thinking IPSOS: My fake middle initial that I only use for IPSOS is showing up in the Chinese scam emails) but I know it was not Paypal. Fortunately, I have held firm to the IPSOS/Ath demand for a photo ID.. so no one has my photo. I am out about $250.00, but will try to retrieve that via the Paypal system (Yes, I am not holding my breath). Changing everything email and paypal related is a chore!

I am confused about what exactly happened... What exactly happened?

That's terrible that your account was hacked! I had my Ebay account hacked so I upgraded my PayPal security to MFA (Multi Factor Authentications) since they were linked. You can enable MFA or two-step verification on PayPal so every single time you sign in it texts a code to your cell phone. Yes it's a lot of text messages depending on how many times you sign on but no one can access my account unless they have my cell phone too.