My Magento site was hacked and my Paypal Standard Email Address was changed to scarlsson@mail.ru.
Overnight my store took 2 orders and payment was not in my Paypal account so I checked Magento and sure enough found this email address in the configuration.
I have contacted Paypal and they advised I can't do anything - the buyers have to lodge a 'Item Not Received' claim (embarrasing...) Anyway they suggested I report this email to Magento so they can blacklist this email address possibly? but I can't find where I can do this?
Can someone advise if there is this safeguard in place and where I report this to avoid this scumbag re-routing payments from other Magento stores?
This is actually very common practice: find Magento that is not security hardened, break in, activate PayPal (or change receiver), use throwaway account collect money until somebody notices and then switch to next account. Rinse and repeat.
There're two things you can do: a) keep your system secure (not right after break-in, but always, as a process) and b) Either swallow your pride, contact customer and ask them to file complain against the hacker account or swallow losses and ship stuff. Both are bad options, but I think second is worse as it allows hacker to get away with money making this racket worthwhile.
I recently had this issue, called PayPal, gave them the relevant details and the transaction hadn't been banked so they just cancelled it and had to ask the customer to resend the transaction directly to us, luckily they were very understanding. Same thing has happened again today, again no transactions have been taken, but wanted to know what steps I can take to making our account more secure?