MyMoneyBlog had a Paypal warning today. Yikes!
"Long story short, it was my Skype account that was hacked. I didn’t even know this, but PayPal has a program of “preapproved” payments where a merchant can repeatedly charge your account without the need to type in your PayPal password. This is meant for monthly subscriptions and the sort. Although I have bought credit from Skype before, I don’t ever recall signing up for any of these subscription-style plans at any merchant. My suspicion is that it was buried somewhere into a default checkbox that I didn’t undo, or worse it was just hidden in the terms and conditions fine print. (I am usually really careful about this sort of thing, so I am quite mad at myself!)
Lesson #1: If you use PayPal at all, check your preapproved merchant list immediately. To find this list, log into your account and then go to My Account > Profile > My preapproved payments. My recommendation is to make every single one inactive immediately."