Scammed by PurplePandaLabs for $900 - GG gaslighting

[Cashton]

He was short of payment but got resolved

Ah yes, it was @Amanofgod who was the other case I think.

 

[MindlessWork]

I did what I can and I am done here now. All this tells me there’s a lot of unanswered questions still with no real conclusion. If anyone has more info that’s worthwhile please share.

Just erased the copies of the videos off my computer and my mobile device so no info will be exposed or at risk.

@Gdawg here is a bit of advice: double check everything beforehand and follow the instructions given closely and if anything seems off best to reach out to reps. Hopefully there be none of this in the future and chalk this up to a hard lesson learned.

@OllieJacobs this sound good?

 

[MindlessWork]

He was short of payment but got resolved

That can happen if the value of his Bitcoin suddenly dropped right before he paid.

 

[dennia]

Ah yes, it was @Amanofgod who was the other case I think.

I think he actually talk about a older case.
This one

I just got SCAMMED from Purplepandalab

Update* still havent heard anything from them. However, i was using a different email to contact PPL and got immediately response within 1hour. Nice customer service PPL. They just completely ignore my email and issue. I guess my money is gone now.

thinksteroids.com

 

[Gdawg]

From what I can tell from the posts...

A BTC address was assigned to the order.
No payment has been paid to this particular address.

This does not prove he is a scammer.
This does not prove he has no malware.
This does not prove the Website hasn't been hacked.
This does not prove foul play by someone working for the website.

Yeah that's part of it.

The fact that no payment was received in the legit BTC address proves nothing - I have never claimed to have sent it to that legit BTC address.

The argument is that I was forwarded to a URL (on the PPL website and NOT via email) that contained a different order number (and BTC address) than the link/order number contained in the legit PPL order confirmation email.

The question i've been asking is how did this happen?

People are saying it could be malware on my end but why would whoever is behind this go the extra length of creating a fake PPL protonmail and sending a confirmation email?

Why would they change the PPL URL and not just the BTC address text?

Why did it only happen once and not for the Dark Reader test account?

Many questions but zero answers.

The distinct thing about this thread that annoys me is you have the Gdawg, who has not once resorted to insults and has held their composure, and then you have PPL, who very quickly got defensive, angry, and kneejerk shoved some collective ego up in everyone's asses. I don't care the issue, but if you can't handle business in a more dignified manner and not be open to there being an actual issue, then I have zero interest in doing business with them in the future. Sure, no skin off their ass, but it was very similar with the "remailer" incident. Come at it with some fucking humility and professionalism, and you'd earn way more respect and future business. I don't give a fuck if he's a scammer or not. You have had issues in the past, which proves you are anything but secure, and coming off as cocky with your opsec really might not be the best way to approach it.

Too right. I was and am civil the entire time providing all of the evidence I have and every bit of information I can while being met with abuse, lies and zero proof or evidence supplied by PPL/ollie.

They even doxxed my name and address to random forum members.

At any point did you see two BTC addresses? Because what you're saying is you placed the order. Brought to the URL with the BTC address directly afterwards....

What was with the email then to send payment? Did you place the order and then proceed to click the link in the email to send the BTC?

I only seen what is in the first screenshot so no two BTC addresses.

You are correct that I went through checkout on the website, clicked accept for the terms and conditions and then was forwarded to the BTC details page that is shown in the first screenshot.

I paid roughly 20 minutes after doing the checkout.

Once I had paid within I think 30 minutes I received an email from purplepandalab@proton saying the payment is confirmed. That email address has nothing to do with PPL so i've no idea why a scammer would send it to begin with.

So to be crystal clear for anyone still confused - I did not click on any link from an email to make the order or payment. The entire thing was on the PPL website.

FWIW I still haven't seen anything that shows @Gdawg is scamming. Personally the way he's handling it I think he may have truly gotten scammed (Not saying it was PPL) but idk by who. It seems like @OllieJacobs handled this terribly though regardless. His reaction is that OP is a scammer instead of saying he would look into it. Just bad CS in my opinion. Doesn't give anyone else a lot of comfort that if they had a problem it would be looked into. Then you think that to "prove" something you have the guy who would be held liable (Panda) "show" you what happened. If he was hacked he wouldn't tell you. That would be a huge blow to his business and cost him a lot more than $900. You took this personally and went into it %100 sure OP was scamming instead of open minded. I mean even if this was a scam you handled it terribly by accusing and jumping to conclusions. Then you send this "proof" to people of your choosing?? Really? Well of course they'll jump on your bandwagon. You are saying the invoice wasn't paid? Well no shit the OP is saying the invoice he was sent was paid not the one you are showing people. (Op states he was sent different addy) Obviously if he had sent coin to that address we wouldn't be having this convo. But at the end of the day you sent personal info to people without the OPs permission. For that you should be banned! No questions asked IDGAF your "justification". I mean his info would have been posted if someone hadn't LITERALLY told mind not to. I've been looking at getting trest from you for about a week as it's hard to find. Now I have to keep looking because I would NEVER use you due to the way this was handled. The dox was enough for me. Hope you learn!! Gl @Gdawg if you truly aren't scamming

Exactly right - This entire thing is a shitshow to put it bluntly.

That’s what it sounds like, it sounds like he’s been the victim of some type of spoofing attack, in which case we will be hearing more cases coming soon.

In a selfish kind of way, hopefully we'll hear of more cases but it might be a few weeks if so.

-----

Hopefully something good can actually come of this, people can be more aware of this kind of thing being possible whether it's on the customer's end or the source's.

Screen record the entire thing.

Check your emails to verify you have been forwarded to the correct payment info.

Maybe PPL can actually add the BTC address to the order confirmation emails in plain-text as a verification.

 

[Cashton]

I think he actually talk about a older case.
This one

I just got SCAMMED from Purplepandalab

Update* still havent heard anything from them. However, i was using a different email to contact PPL and got immediately response within 1hour. Nice customer service PPL. They just completely ignore my email and issue. I guess my money is gone now.

thinksteroids.com

Yeah he was short on payment wasn’t he? Didn’t someone just say that?

 

[dennia]

That can happen if the value of his Bitcoin suddenly dropped right before he paid.

Yes and sometimes is the fee that is crazy

 

[Cashton]

Yeah that's part of it.

The fact that no payment was received in the legit BTC address proves nothing - I have never claimed to have sent it to that legit BTC address.

The argument is that I was forwarded to a URL (on the PPL website and NOT via email) that contained a different order number (and BTC address) than the link/order number contained in the legit PPL order confirmation email.

The question i've been asking is how did this happen?

People are saying it could be malware on my end but why would whoever is behind this go the extra length of creating a fake PPL protonmail and sending a confirmation email?

Why would they change the PPL URL and not just the BTC address text?

Why did it only happen once and not for the Dark Reader test account?

Many questions but zero answers.



Too right. I was and am civil the entire time providing all of the evidence I have and every bit of information I can while being met with abuse, lies and zero proof or evidence supplied by PPL/ollie.

They even doxxed my name and address to random forum members.



I only seen what is in the first screenshot so no two BTC addresses.

You are correct that I went through checkout on the website, clicked accept for the terms and conditions and then was forwarded to the BTC details page that is shown in the first screenshot.

I paid roughly 20 minutes after doing the checkout.

Once I had paid within I think 30 minutes I received an email from purplepandalab@proton saying the payment is confirmed. That email address has nothing to do with PPL so i've no idea why a scammer would send it to begin with.

So to be crystal clear for anyone still confused - I did not click on any link from an email to make the order or payment. The entire thing was on the PPL website.



Exactly right - This entire thing is a shitshow to put it bluntly.



In a selfish kind of way, hopefully we'll hear of more cases but it might be a few weeks if so.

-----

Hopefully something good can actually come of this, people can be more aware of this kind of thing being possible whether it's on the customer's end or the source's.

Screen record the entire thing.

Check your emails to verify you have been forwarded to the correct payment info.

Maybe PPL can actually add the BTC address to the order confirmation emails in plain-text as a verification.

That really sounds like a spoofing attack brother, if so, give it a few weeks and I’m sure we will have more reports come in.

 

[MindlessWork]

@Gdawg rest assured I have NOT shared your info with anyone and I myself won’t ever use it. I have destroyed all copies of the videos and screenshots as I mention earlier.

I would advise anyone else to get rid of them as well.

 

[Cashton]

Yeah that's part of it.

The fact that no payment was received in the legit BTC address proves nothing - I have never claimed to have sent it to that legit BTC address.

The argument is that I was forwarded to a URL (on the PPL website and NOT via email) that contained a different order number (and BTC address) than the link/order number contained in the legit PPL order confirmation email.

The question i've been asking is how did this happen?

People are saying it could be malware on my end but why would whoever is behind this go the extra length of creating a fake PPL protonmail and sending a confirmation email?

Why would they change the PPL URL and not just the BTC address text?

Why did it only happen once and not for the Dark Reader test account?

Many questions but zero answers.



Too right. I was and am civil the entire time providing all of the evidence I have and every bit of information I can while being met with abuse, lies and zero proof or evidence supplied by PPL/ollie.

They even doxxed my name and address to random forum members.



I only seen what is in the first screenshot so no two BTC addresses.

You are correct that I went through checkout on the website, clicked accept for the terms and conditions and then was forwarded to the BTC details page that is shown in the first screenshot.

I paid roughly 20 minutes after doing the checkout.

Once I had paid within I think 30 minutes I received an email from purplepandalab@proton saying the payment is confirmed. That email address has nothing to do with PPL so i've no idea why a scammer would send it to begin with.

So to be crystal clear for anyone still confused - I did not click on any link from an email to make the order or payment. The entire thing was on the PPL website.



Exactly right - This entire thing is a shitshow to put it bluntly.



In a selfish kind of way, hopefully we'll hear of more cases but it might be a few weeks if so.

-----

Hopefully something good can actually come of this, people can be more aware of this kind of thing being possible whether it's on the customer's end or the source's.

Screen record the entire thing.

Check your emails to verify you have been forwarded to the correct payment info.

Maybe PPL can actually add the BTC address to the order confirmation emails in plain-text as a verification.

It is actually added in an email… we’ll a link to click to get to the payment information is.

 

[dennia]

If all the members who has your personal info pinky promise then you are safe @Gdawg

 

[MindlessWork]

If all the members who has your personal info pinky promise then you are safe @Gdawg

You got it man.

 

[BeefNewton]

I'd worry about Fr0z3n_B0mberrr, though. I've gotten the impression he is insatiably horny.

 

[Gdawg]

@Gdawg rest assured I have NOT shared your info with anyone and I myself won’t ever use it. I have destroyed all copies of the videos and screenshots as I mention earlier.

I would advise anyone else to get rid of them as well.

Thanks, hopefully whoever else received it will do the same.

It is actually added in an email… we’ll a link to click to get to the payment information is.

Yeah the link is in the email, that is how I could see that I paid via a different URL.

The issue is those links expire after 2 hours (I believe) - so you cannot go back and check it.

If the BTC address is emailed in plain-text inside the order confirmation then that is one way to verify you are sending it to the correct one.

 

[OllieJacobs]

I might have sounded rude, and i was, but if everyone who knows about IT tells me that you are lying, im inclined to think about it.
@Noli post explained it perfectly, we proved how everything looks from your side as a customer and from our side from the backend, pointing out if we were hacked so early sounded suspicious

Also yes, i have shared it to prove that literally from your own user account the address that appears and the QR code has nothing to do with the one posted, @Noli told me that the possibility of a spoofing attack is an impossibility.

As i have pointed out JUST one member who’s account is new posted about this issue, if @Cashton is right, looking at all the orders that were placed during the sale this should be flooded right now, just a single complaint from a new member, i will gladly wait to see if this thread gets members who had the same issue.

@Gdawg do i have permission to post the screenshots erasing your personal information?

 

[BeefNewton]

Thing with IT personnel, is there is a very, very wide range of competencies. I've been in IT over 25 years now, and if you have anyone that uses "100%" in an explanation or flat out says something is impossible without thinking about it long and hard, it's generally hubris. You could literally have a lateral server sitting out there, push code onto your web server, let a few transactions go through, and then that code be removed like it was never there. And that's just one really straightforward method. The most dangerous hacker is one that is creative.

And in evaluating the people you hire for support, how can you really know? Those in business want to focus on just that.. business. They generally do not have the knowledge to make a fair assessment to one's abilities and/or experience. So they have to take what they are told and run with it. And now a hole has been dug. Maybe this was just a test run to see if it would be noticed. I'd be very careful about believing so quickly what you are told about your backend. It didn't seem like much time passed between the time asked and the answer you received. It takes way, way longer to comb through tedious logs and consider every possible surface area for attack, which may involve more than one server. You all need to pull logs from everything, filter it down to the date/time Gdawg gave you. Remote access, file access, everything. A full audit like this should take way, way more time than it took to get an answer of "nope... impossible."

 

[Trenbologna]

FWIW I still haven't seen anything that shows @Gdawg is scamming. Personally the way he's handling it I think he may have truly gotten scammed (Not saying it was PPL) but idk by who. It seems like @OllieJacobs handled this terribly though regardless. His reaction is that OP is a scammer instead of saying he would look into it. Just bad CS in my opinion. Doesn't give anyone else a lot of comfort that if they had a problem it would be looked into. Then you think that to "prove" something you have the guy who would be held liable (Panda) "show" you what happened. If he was hacked he wouldn't tell you. That would be a huge blow to his business and cost him a lot more than $900. You took this personally and went into it %100 sure OP was scamming instead of open minded. I mean even if this was a scam you handled it terribly by accusing and jumping to conclusions. Then you send this "proof" to people of your choosing?? Really? Well of course they'll jump on your bandwagon. You are saying the invoice wasn't paid? Well no shit the OP is saying the invoice he was sent was paid not the one you are showing people. (Op states he was sent different addy) Obviously if he had sent coin to that address we wouldn't be having this convo. But at the end of the day you sent personal info to people without the OPs permission. For that you should be banned! No questions asked IDGAF your "justification". I mean his info would have been posted if someone hadn't LITERALLY told mind not to. I've been looking at getting trest from you for about a week as it's hard to find. Now I have to keep looking because I would NEVER use you due to the way this was handled. The dox was enough for me. Hope you learn!! Gl @Gdawg if you truly aren't scamming

FWIW I still haven't seen anything that shows @Gdawg is scamming. Personally the way he's handling it I think he may have truly gotten scammed (Not saying it was PPL) but idk by who. It seems like @OllieJacobs handled this terribly though regardless. His reaction is that OP is a scammer instead of saying he would look into it. Just bad CS in my opinion. Doesn't give anyone else a lot of comfort that if they had a problem it would be looked into. Then you think that to "prove" something you have the guy who would be held liable (Panda) "show" you what happened. If he was hacked he wouldn't tell you. That would be a huge blow to his business and cost him a lot more than $900. You took this personally and went into it %100 sure OP was scamming instead of open minded. I mean even if this was a scam you handled it terribly by accusing and jumping to conclusions. Then you send this "proof" to people of your choosing?? Really? Well of course they'll jump on your bandwagon. You are saying the invoice wasn't paid? Well no shit the OP is saying the invoice he was sent was paid not the one you are showing people. (Op states he was sent different addy) Obviously if he had sent coin to that address we wouldn't be having this convo. But at the end of the day you sent personal info to people without the OPs permission. For that you should be banned! No questions asked IDGAF your "justification". I mean his info would have been posted if someone hadn't LITERALLY told mind not to. I've been looking at getting trest from you for about a week as it's hard to find. Now I have to keep looking because I would NEVER use you due to the way this was handled. The dox was enough for me. Hope you learn!! Gl @Gdawg if you truly aren't scamming

FWIW I still haven't seen anything that shows @Gdawg is scamming. Personally the way he's handling it I think he may have truly gotten scammed (Not saying it was PPL) but idk by who. It seems like @OllieJacobs handled this terribly though regardless. His reaction is that OP is a scammer instead of saying he would look into it. Just bad CS in my opinion. Doesn't give anyone else a lot of comfort that if they had a problem it would be looked into. Then you think that to "prove" something you have the guy who would be held liable (Panda) "show" you what happened. If he was hacked he wouldn't tell you. That would be a huge blow to his business and cost him a lot more than $900. You took this personally and went into it %100 sure OP was scamming instead of open minded. I mean even if this was a scam you handled it terribly by accusing and jumping to conclusions. Then you send this "proof" to people of your choosing?? Really? Well of course they'll jump on your bandwagon. You are saying the invoice wasn't paid? Well no shit the OP is saying the invoice he was sent was paid not the one you are showing people. (Op states he was sent different addy) Obviously if he had sent coin to that address we wouldn't be having this convo. But at the end of the day you sent personal info to people without the OPs permission. For that you should be banned! No questions asked IDGAF your "justification". I mean his info would have been posted if someone hadn't LITERALLY told mind not to. I've been looking at getting trest from you for about a week as it's hard to find. Now I have to keep looking because I would NEVER use you due to the way this was handled. The dox was enough for me. Hope you learn!! Gl @Gdawg if you truly aren't scamming

I agree with this 100% and I cannot believe others aren't up in arms over this sharing of personal information. In my mind this totally discredits this Ollie dude and I also agree he should be 100% banned for this. I was around when a certain company got busted and it turned out they had kept the records of all their past customers despite giving their word that all records were destroyed. THIS IS WORSE THEN THAT.
And he's mocking the dude because he is upset he had his personal information released?? Get this fucking Ollie piece of shit out of here. You are lucky I'm not that guy Ollie you arrogant prick. I handle shit like that personally you mf.

 

[Gdawg]

I might have sounded rude, and i was, but if everyone who knows about IT tells me that you are lying, im inclined to think about it.
@Noli post explained it perfectly, we proved how everything looks from your side as a customer and from our side from the backend, pointing out if we were hacked so early sounded suspicious

Also yes, i have shared it to prove that literally from your own user account the address that appears and the QR code has nothing to do with the one posted, @Noli told me that the possibility of a spoofing attack is an impossibility.

As i have pointed out JUST one member who’s account is new posted about this issue, if @Cashton is right, looking at all the orders that were placed during the sale this should be flooded right now, just a single complaint from a new member, i will gladly wait to see if this thread gets members who had the same issue.

@Gdawg do i have permission to post the screenshots erasing your personal information?

I'm not giving you permission until you can at least answer the questions I asked yesterday and provide the screenshots that I asked for. You have been avoiding those questions all day:

Scammed by PurplePandaLabs for $900 - GG gaslighting

I am sure you can change the QR to show whatever you want if you know what you are doing and I am not sure if the OP has that skill to change the QR. I learned this when i was in school and i was a teen, probably half a dozen guys here at least will have edited the text or pic of a website once...

thinksteroids.com

Scammed by PurplePandaLabs for $900 - GG gaslighting

I am sure you can change the QR to show whatever you want if you know what you are doing and I am not sure if the OP has that skill to change the QR. I learned this when i was in school and i was a teen, probably half a dozen guys here at least will have edited the text or pic of a website once...

thinksteroids.com

Spoofing is a real thing by the way - doesn't matter how secure your BTC setup is. If someone wants to inject their own data onto one of your webpages or whatever happened, they can.

 

[MindlessWork]

Thing with IT personnel, is there is a very, very wide range of competencies. I've been in IT over 25 years now, and if you have anyone that uses "100%" in an explanation or flat out says something is impossible without thinking about it long and hard, it's generally hubris. You could literally have a lateral server sitting out there, push code onto your web server, let a few transactions go through, and then that code be removed like it was never there. And that's just one really straightforward method. The most dangerous hacker is one that is creative.

Spot on. I been in IT for over 30 years myself and now manage servers for a hospital. Right now all too often there’s cyberattacks occurring basically by merely injecting code onto web facing servers by taking advantage of vulnerabilities. Part of my job is doing vulnerability assessments on servers and remediate any found.

My conclusions for this:
If any part of PPL’s applications are not under the direct control of Panda but by a 3rd party that is a risk. Panda needs to investigate those risks and have that 3rd party fix them.

 

[OllieJacobs]

Thing with IT personnel, is there is a very, very wide range of competencies. I've been in IT over 25 years now, and if you have anyone that uses "100%" in an explanation or flat out says something is impossible without thinking about it long and hard, it's generally hubris. You could literally have a lateral server sitting out there, push code onto your web server, let a few transactions go through, and then that code be removed like it was never there. And that's just one really straightforward method. The most dangerous hacker is one that is creative.

In that case, as a IT guy, give me your honest answer about this, I don’t know jack shit about IT but on the health department we used to apply Ockham's razor.

1)We have proved from our side that everything is fine, in that case he a)can be lying or b)we got hacked.

2)Let’s say we got hacked, we did a sale with thousands of orders, most of them from Meso since the other forums are more or less dead, just one guy complied in every single forum, just one guy and the account is new.

3)Now we have two possibilities, he edited the pic, which is pretty easy, he built a story around it, we proved from our side how his personal account looked from the inside and how our backend looked like, so he’s lying.
Or we got hacked... and out of thousands of order the OP was unlucky enough to be the ONLY one that got his money stolen since not a single guy posted anything on any forum.