25 February 2020

PayPal customers hit with fraudulent charges via Google Pay


PayPal customers hit with fraudulent charges via Google Pay

Since last week multiple PayPal users have been baffled by mysterious charges on their PayPal accounts linked via GooglePay. Issues have been reported on numerous platforms including PayPal's and Google Pay’s support forums, Reddit, and Twitter.

Victims report that their Google Pay accounts are being used to make unauthorized purchases, with most of these transactions are being charged through US shopping stores, such as Target stores or Starbucks. The transactions range from €1,73 to over €1800 and, interestingly, the majority of victims appear to be from Germany.

Currently, it’s not clear what bug fraudsters are exploiting, but a security researcher known as 'iblue' tweeted that this issue appear to be similar to a bug reported to PayPal a year ago.

“Issue: PayPal allows contactless payments via Google Pay. If you have set it up, you can read the card details of a virtual credit card from the mobile, if the mobiles device is enabled. No auth. So basically anyone near your mobile phone has a virtual credit card which deducts money from your PayPal account. Its not limited in validity or amount,” the researcher said.

The researcher has told ZDNet that an attacker could obtain a virtual card's details via three methods: by reading the card details from a user's phone/screen; by infecting a user’s device with malware; or by brute-forcing it.

PayPal said that they are investigating the issue and that they would be refunding all affected users.

Back to the list

Latest Posts

Free VPN apps on Google Play turned Android devices into residential proxies

Free VPN apps on Google Play turned Android devices into residential proxies

The threat actor behind this scheme profits by selling access to the residential proxy network to third parties.
28 March 2024
Cyber spies strike Indian government and energy sectors

Cyber spies strike Indian government and energy sectors

The operation involved phishing emails delivering the HackBrowserData info-stealer.
28 March 2024
Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

97 zero-day flaws were exploited in-the-wild in 2023, marking an increase of over 50% compared to 2022.
27 March 2024