1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Attention: regarding Skrill (Moneybookers) account security

Discussion in 'BlackHat Lounge' started by Junkfood00, Nov 5, 2012.

  1. Junkfood00

    Junkfood00 Elite Member

    Joined:
    Sep 13, 2011
    Messages:
    1,949
    Likes Received:
    1,336
    I have an account with Skrill and I forgot my password so I went ahead to reset the password expecting to go through some complicated procedure with emails back and forth and to my surprise it just asked for the email and the birth date! It directly forwarded me to a page where I could type in a new password. This is a serious security issue for everyone. Now of course expect to do some extra checks if you're trying to login/reset from an unusual address but still, anyone can use a proxy.

    Let's say you do business through Skype and you put in all your personal data when you signed up, all that is visible to the public, once the fraud idea pops up for someone, forget about the money, Skrill won't give you your money back, there is no dispute process.

    The account owner does receive emails regarding password change but how long do you think it takes to send money..

    I know of no method to protect yourself rather than removing all credit cards and withdrawing the money when you receive it, but a withdrawal has a fixed fee attached unfortunately, if someone knows of any way, please do input here.
     
    • Thanks Thanks x 2
    Last edited: Nov 5, 2012
  2. SolveMyMaze

    SolveMyMaze Regular Member

    Joined:
    Jun 10, 2011
    Messages:
    487
    Likes Received:
    199
    That's why when I use Skirll and PayPal, I only tie them to an account that's got a severely limited supply of cash and as you said JunkFood, withdraw the money when you get it. It's a shame that some will try any opportunity to scam people out of money. However, I would suggest that everyone has more than one bank account anyway.

    After the major banking crisis in the UK, especially Northern Rock, people couldn't access their account and thus they couldn't get their money. Spread things around a bit to prepare for that eventuality. A similar problem was with NatWest in that people just couldn't withdraw from their account due to an IT error.
     
  3. Junkfood00

    Junkfood00 Elite Member

    Joined:
    Sep 13, 2011
    Messages:
    1,949
    Likes Received:
    1,336
    An update on this. You can now relax! They have now implemented the usual password reset procedure and even added some phone verification too, so now you have to verify via email, via phone and birthday date.
     
    • Thanks Thanks x 1