Accused of having broken into 303 eBay and PayPal accounts and of stealing over £180,000 in total from the legitimate owners of the accounts, a 22-year old from Sherwood, Nottingham, has plead guilty to various charges of fraud and theft and has been sentenced to three and a half years in prison.
The hacker – one Richard Kirk – cracked the passwords to the eBay accounts and from there accessed the victims’ PayPal accounts. He then proceeded to transfer the money from these accounts to his and, finally, to buy stuff with the appropriated funds.
Among the things he bought were actual gold bars, whose delivery was monitored by the police after having been contacted by the owner of one of the compromised accounts. According to thisisnottingham.co.uk, Kirk was arrested “with his laptop on his knee, surrounded by parcels” after the postman left.
Whether Kirk managed to crack the passwords to the eBay accounts by guessing or by phishing has not been reported, but given the fact that compromising PayPal accounts gives attackers direct access to money, it is no wonder they are the most targeted online accounts by phishers.