PayPal Community

So I got completely scammed by a total con artist. I'm not the first, in fact this scammer is documented countless times on the internet, including here at Paypal forums (https://www.paypal-community.com/t5/About-Protections/Charged-fees-if-a-paypal-user-chooses-to-ask-f...) The seller (a "logo" company) takes money from unsuspecting customers, delivers abysmal results using MS Paint and Wordart (I'm not joking) then calls you a thief and threatens you when you complain, especially if you enter a Paypal dispute. Strangely, despite volumes of evidence and complaints Paypal don't seem to have upheld a single complaint. That Paypal have been so utterly pathetic in not refunding anyone let alone shutting down this con artists Paypal account and allowing them to continue scamming and abusing and threatening people is another topic but I have discovered, via this experience, a massive and potentially dangerous security hole in Paypal. After I lodged my dispute I received yet another abusive email from the seller where he said the following; "Our billing department right now is looking over your financials provided to PayPal and drafting up a complaint for bank fraud and theft to send online and/or fax over to your local law enforcement jurisdiction in xxxxxx. We will do everything possible to ensure law enforcement shows up at your front door and you are prosecuted to the fullest extent of the law for your crimes. Being a thief does not pay.  Stealing from innocent people does not pay.  You will soon find this out.   Next time when you steal so blatantly, perhaps you should not leave a money trail with all of your address and contact information.  You've made it very easy for us to have all the information to provide to law enforcement for your fraud and theft." Now I'm not worried about this con man doing anything he threatens in the email as I know he has no power to do so, but others may not know this (and Paypal continue to allow this scamster a Paypal account). I am VERY worried about what information he is able to access via Paypal about me. After Paypal ruled in favour of this scam artist (allowing him for over 4 years to receive payments to his fraudulent business) I emailed Paypal to ask if the seller had my address and other personal details. Setting aside the thoroughly incompetent Paypal "Help Desk" and the fact it took me about five attempts to get a simple answer to a simple question I discovered that the seller does indeed have my address. The imbeciles on the Paypal "Help Desk" (in the Philippines where Paypal can pay them $3 an hour to cut and paste boilerplate responses) told me that the seller needed my address to post the package to me despite the fact I told them this was a SERVICE transaction and not a purchase of a physical good that needed posting. Regardless, in many cases there is no need for Paypal to allow a seller access to a buyers address. Paypal is just the payment gateway and the portal itself (e.g. Amazon, eBay) collects the shipping address so why would Paypal allow sellers unfettered access to our data? It certainly makes no sense and it is absolutely unnecessary to provide addresses and other details for SERVICE transactions and for shipping when the address is already collected by eBay then why also allow a seller access to what might very well be your home address? So now a seemingly dangerous and disturbed individual (or group) knows where I live. I don't know where they live or operate out of, of course Paypal won't provide the information of the scam artist to me or the poster in the archived message linked above so that we can pursue the con man and report him to the appropriate authorities. But they will allow the scamster our personal details including where we live. They might start sending me things by mail or use my personal details for other scams or identity theft. This is a MASSIVE security breach and MASSIVE breach of personal data that Paypal is allowing here not to mention dangerous to buyers. Just think - this applies to EVERY Paypal transaction regardless of type. So just making a donation to a cause or paying for an eBook and the seller has all your details, including WHERE YOU LIVE. How many people are aware of this? How many people have already found this out when a seller actually goes and physically harasses a buyer with whom there was a dispute? And how many sellers are exploiting this to collect and sell personal information? Paypal needs to fix this (and a lot of other things) urgently. There should be no way a seller can access a buyers personal details, especially their address when the transaction does not involve shipping of a good. Further, they need to fix their call centre as it is terrible, I have an entire thread of emails where they were answering a completely different question to what I asked. Last, they need to track complaints against a seller or web address. This scammer has multiple websites running exactly the same scam and he's been doing it for years (I found all this out too late unfortunately). Lastly, Paypal has to be much more explicit about what details a seller has access to. I'm sure it's buried away in the small print somewhere but I bet this news is a surprise to a lot of people and it should scare you off ever using Paypal again for transactions that do not involve shipping.