Victim of Skrill Account Compromise Receives Favorable Decision

4 replies [Last post]
HUSNG News's picture
HUSNG News
Offline
Veteran
Joined: May 7 2012

13 Months of Hard Work Pays Off

On May 30th, 2013, twoplustwo user "andyfothershops" logged into his Skrill/Moneybookers account and found that $4,000 USD was missing. After talking with Skrill and looking at all of his accounts, he determined the following:

- The money was taken on May 27th, 2013.

- His Skrill password was not changed.

- There were no failed login attempts, as the attackers succeeded on their first attempt.

- His previous withdrawal was cancelled and a 4k withdrawal was sent to a different Skrill account (presumably the thief's account).

- His email inbox was bombarded with randomly generated emails and he did not notice any withdrawl emails because of this.

- His email was not breached, and both his Skrill account and email account had strong passwords. Only his Skrill account appeared to be breached, and it appeared the thief had his password. He has no explanation for this other than the thief having some sort of a password list.

- An IP traceroute showed that his Skrill account was accessed from an IP that had previously been used by a defunct lawyer's office in Belfast. Andyfothershops lives in Manchester.

- Although he had been looking to order the Skrill RSA security token generator, at the time he did not have this protection on his Skrill account due to the web page that offered it not being accessible.

This was around the same time several users reported having similar things happen to them in a large twoplustwo internet poker forum thread. On June 14th, 2013, Skrill rejected his claim for reimbursement, and offered no compensation for the incident.

He filed a claim with the UK financial ombudsman in June of 2013. The ombudsman initially rejected his claim, citing the Skrill's terms and conditions that a user is responsible for noticing and reporting any unauthorized activity, and that they have a "last log on" feature that allows users to see the last time they logged in. Andyfothershops was told by Skrill that the IP that ended up stealing the money also logged in several times before the theft, but did nothing when logging in.

Andyfothershops appealed this decision, stating that he did report the unauthorized activity as soon as he noticed it. He also said that even if he knew about the last login feature, he may not have even noticed that someone else had accessed his account.

About two weeks ago, Andyfothershops received a reply. The omnibudsman proper agreed with him this time, saying that he did everything he could to prevent this unauthorized access, and the ombudsman made a provisional ruling in his favor.

Andyfotheshops says that the ombudsman gave both sides about two weeks to add any additional information. He says that Skrill did not accept the decision, but there was no new evidence and Skrill is now required to pay him the $4,000 balance, as well as 8% per annual interest on that balance.

Andyfothershops had also attempted to report this to the UK police but was told that this type of crime can only be reported to an outside agency. After filling a complaint with the agency, he did not receive any phone calls or follow-up emails.

He would like to thank RyPac13/ChicagoRy for giving him the initial phone number to contact Skrill within 2 hours of him noticing the unauthorized activity. He'd also like to thank Pokerfuse's Ryan "Hood" for all his help in the twoplustwo thread.

Other Victims

2p2 user "888prof1234" ended up accepting a 50% settlement offer from Skrill. 2p2 user "Sharkunge" was initially told by Skrill that his money was lost forever after it had been deposited on AdjaraBet, but after receiving help from Alistair in AdjaraBet's customer support, he was able to receive about 90% of his funds that Skrill recovered, and Skrill refunded the other 10% themselves. A different 2p2 user ended up choosing not to file through the ombudsman and received only 20% of his balance back. And finally, "pantherboy", a Finnish national residing in Thailand, received none of his $10K+ back after his account had been hacked from a Finnish IP.

it1111's picture
it1111
Online
Elite
Joined: Jul 12 2012
Everyone who keeps any

Everyone who keeps any reasonable amount of money on Skrill should order Security Token (it only costs 15 Euro).

The problem is that Skrill doesn't advertise Security token for non VIP customers and it takes forever to get one.

I had to email them couple of times for them to make Security Token order page visible for my account, and they are very slow to answer emails (two weeks for 2 emails).
After I finally ordered the token it took them 3 weeks to ship it. 

So in total, I had to wait more than 6 weeks to get the token. This is not a very good service. Security of their customers should be their 1st priority.

 

 

"If you want to win, you must not lose!"

szrfph's picture
szrfph
Offline
New User
Joined: Nov 1 2012
Skrill looking dodgy-as-fuck

Skrill looking dodgy-as-fuck as usual.

Pro-tip: Only use them for their secret rakeback - not for anything real

Plauzee's picture
Plauzee
Offline
New User
Joined: Oct 14 2009
Make sure to use the token

Make sure to use the token which is free as Skrill VIP.

Just click "Skrill VIP offer" (also at front page of HUSNG) and you will become Skrill VIP easily with their "secret rakeback" deal included.

Even as non-VIP you will be able to get the token easily with the included extra support for ALL clients of HUSNG.

serge's picture
serge
Offline
Site Staff
Joined: Jul 26 2013
The ombudsman has published

The ombudsman has published his final decision. You can read it here. Furthermore, we have also confirmed that Skrill has already paid.