FW: Paypal/Ebay

["Mclaughlin, Kevin L (mclaugkl)" <mclaugkl () UCMAIL UC EDU>]

Kevin L. McLaughlin

CISM, CISSP, PMP, ITIL Master Certified

Director, Information Security

University of Cincinnati

513-556-9177 (w)

513-703-3211 (m)

513-558-ISEC (department)

<mailto:mclaugkl () ucmail uc edu>  

 

  

 


CONFIDENTIALITY NOTICE: This e-mail message and its content is
confidential, intended solely for the addressee, and may be legally
privileged. Access to this message and its content by any individual or
entity other than those identified in this message is unauthorized. If
you are not the intended recipient, any disclosure, copying or
distribution of this e-mail may be unlawful. Any action taken or omitted
due to the content of this message is prohibited and may be unlawful.

 Hi Everyone:

My lead investigator asked me to forward this to the Educause Security
Group.  He basically wants to know if anyone has a security contact for
Paypal/Ebay.

 

Thanks,

-Kevin

 

 

________________________________

From: Shamblin, Quinn (shamblqn) 
Sent: Thursday, January 11, 2007 10:57 AM
To: Mclaughlin, Kevin L (mclaugkl)
Subject: Paypal/Ebay

 

---------------------------------

 

Hello Everyone,

 

During a recent investigation, we had need to contact Paypal.  The
paypal/ebay fraud line is 408.967.9919, which is a voice message that
describes the information that is available from paypal in response to
various types of requests.  The message states that a transcript is
available if you fax them a request, but be warned that they will not
actually fax the transcript to you unless your request is on Police
letterhead.  In fact we could get no cooperation or response from them
on any subject until we turned the case (which had been being
investigated internally) over to our local police dept.  Just a word of
warning for those internal investigation teams out there if it turns out
a trail you are following leads to paypal/ebay.

 

In order that you know what kind of information paypal/ebay can provide,
I have transcribed the voicemail message.  I am providing this to the
group for reference.  If you need any of this information, you can
probably get it, but the request will need to come through your P.D.

 

-------------------------

Transcript of PayPal-eBay Fraud Message taken 10/27/2006 @ 1300 EDT

 

Thank you for calling the law enforcement hotline for ebay and paypal
Fraud Investigations Team, also known as FIT.  FIT can provide the
following records, depending on the form of the request. Turn around
time for requests is 5-10 business days, not including Saturdays Sundays
and Holidays.  

 

In response to a subpoena, court order or other legal document, ebay
will provide:

 

*     Full registration information including billing and mailing
address 

*     IP address at the time of registration

*     Complete sales and bid history including bidder information if
specifically requested

*     Credit card and checking account information if available

*     All account information including: addresses, phone numbers, email
addresses, SSN if available, IP addresses for each login, financial
information, complaints against, and complete transaction information 

 

In response to a non-subpoena faxed request on department letterhead,
ebay will provide:

 

*     Contact name, city, state, zip, and telephone number, email
address and user id history

*     If specifically requested, sales and bid history dating back one
year.

 

Please note that all paypal records require a subpoena.

 

Please specify if you are requesting ebay or paypal information or both.

 

To formally request a record or to request that this message be faxed to
you, fax the request to 408 967-9915.  Please note that these
instructions apply only to criminal subpoenas.

-------------------------

 

Question for the group: Does anyone out there have a contact at
paypal/ebay that has been helpful in these cases?  Does anyone know who
their lead investigator is?  In some cases, there is non-protected
information that they could provide that would tell us if it is worth
the time to proceed with a court order.  For various reasons, an
internal investigative team may not want to involve the police
unless/until a crime has been reasonable proven, so such a contact
number would be of help.

 

Thanks!

 

Regards,

 

 

 

Quinn R. Shamblin, PMP
University of Cincinnati 
Information Security Officer
(513) 556-0803
quinn.shamblin () uc edu