I've been on the phone with PayPal on far too many occasions, and they definitely know how to handle these issues quick.
Although, you wouldn't even really have to call them. You can dispute the charges with like two clicks on your account page. It's just that if you call them, they can instantly settle the dispute in your favor.
Most paypal fraud, like credit card fraud happens at a very small scale. A fraudster pays $50 for 50 accounts and then spends a day with them and maybe walks out with $300.
The guy selling the accounts sells hundreds of thousands of them, and obviously doesn't get involved in the fraud itself.
This is why this whole thing is so strange, there's a bunch of people claiming that someone hacked teamviewer and is now using that access for petty paypal fraud instead of targetting the tens (if not hundreds) of thousands of PoS systems teamviewer is used to manage.
>Are they hoping that a small % of their victims won't notice the fraudulent transactions?
No, they certainly don't care if the payments get charged back or not. If they try to send money to their own account, it'll be suspended before they can actually withdraw it out of PayPal.
Instead in this case they seem to be trying to buy itunes gift cards, undoubtedly with the intent to sell them (on sites such as g2a.com) before they get cancelled.
RDP at home is certainly difficult, but I have to disagree on the performance bit. In fact, RDP is probably by far the best such protocol in use right now.
>Of the hundreds of support requests I've responded to post-attack, all except one attack was carried out over TeamViewer.
And my experiences with repeatedly calling these guys had different results, that's fine.
>A tech support scam attacker would have many first-time connections to many other first-time TeamViewer users who are generally seniors instructed to run the TeamViewer app over the phone. While they may use a pool of computers/TeamViewer IDs, and a pool of IPs, there's limits to the cost-effectiveness of scaling that variation, and a pattern should definitely be visible.
And then the scammers will just switch to VMs and socks5 proxies. (They probably already use the socks, considering they're buying them in bulk)
>"Assuming proper rate limiting" seems like a large assumption, given that the possible attack vectors are guessing the random alphanumeric passwords and testing password dumps for account pairs from other services that work with TeamViewer.
The mere fact that this all happens over the network is a plenty of ratelimiting.
>Defaulting to accepting any connection from anywhere seems like a great example of poor security configuration by default.
Based on my reading there certainly exists such a duty when it's beneficial, obviously tax avoidance isn't explicitly beneficial though. Potential law changes or even bad press could cost more than the amount of money saved.
>If your story is true, then you were, as it appears, wrongfully and unlawfully imprisoned. I think you should at least try contacting press and some lawyers -- if what you are saying is a true story.
I was indeed wrongfully imprisoned, but by the Finnish government. I can and will receive compensation from them but at best that's going to be a few thousand euros per month, a nominal sum considering the time lost. It's hardly an irregular thing here, mostly because every single case where a person is taken into investigative custody and not given a prison sentence is treated as such. This has created a situation where these cases are so common that the justice system treats them as acceptable routine.
Honestly, going after the FBI for lying to the Finnish police would probably be a pretty hard case to win. Especially considering how blatantly unreasonable the behaviour of the .fi authorities has been.
It's possible that I could win. But that wouldn't really achieve anything, it wouldn't make the .fi authorities stop.
The best option I have available is to keep fighting my charges in Finland, as no matter whether I win or lose it'll be significantly harder for any other country to prosecute me for those same crimes. The courts here are fairly reasonable, while they require ridiculously low standards of proof, you essentially have to kill someone to actually go to prison here. Perhaps that makes it easier to say "guilty" just to play safe, keep the LE and prosecutors happy.
Not necessarily. I've spent the last few years fighting various hacking charges in Finland and will most likely continue to do so for several years to come.
The law enforcement here will consistently take anything the FBI tells them as a fact, even when the information provided by them has been consistently shown to be false or even maliciously fabricated.
I spent 3 months in jail in 2014 because the FBI emailed the Finnish NBI and alleged that I had perpetrated various attacks against large US tech companies, they provided some information vaguely connecting me to the crimes and claimed to have further evidence they'd deliver shortly. They requested that the Finnish police arrest me and seize my equipment, they did so without question.
Based on that single contact from the FBI the Finnish NBI held me in jail for 3 months and banned me from using the phone or in any manner communicating with anyone outside the jail. After the 3 months had passed the FBI had still failed to deliver any evidence, and the Finnish police had failed to discover any. In fact, they had unquestionably discovered heaps of evidence against the aforementioned allegations since the very day they arrested me. Just a few days before Christmas they were forced to very reluctantly release me.
Now it's 2016 and I just recently got a letter stating that most of those charges have been dropped as the FBI has failed to deliver the promised evidence. I've also received letters informing me of various covert surveillance techniques utilized against me after my release. These are supposed to require an even higher standard of proof than keeping someone in investigative custody, but obviously they're hard to contest when you aren't told about them.
Incompetent fucks desperately hoping to score big wins for their careers or with personal vendettas are hardly an US only problem, but at least in the US I could've fought the FBI in court. That's hardly an option here. The only thing that's better here are the sentencing policies.
Although, you wouldn't even really have to call them. You can dispute the charges with like two clicks on your account page. It's just that if you call them, they can instantly settle the dispute in your favor.