Help! I bought a domain and ended up with a stranger's PayPal! And I can't give it back

Updated A Register reader says that for months he has been dealing with unwanted emails and alerts because a domain he purchased is connected to someone else's PayPal account, and PayPal doesn't seem to care.

Aaron Sadler says the trouble began last year when he repurchased a domain he had previously owned and allowed to expire. After that initial expiry, someone nabbed the dot-net address, but then also let the domain expire, allowing Sadler to reacquire it from its registrar.

Unfortunately, there was a little something extra that came with the terrabithost.net domain: the previous owner had used it to register a PayPal account, and they were still using that account despite no longer having access to the email address. Rather, the emails were being forwarded to Sadler.

"I have received receipts (monthly), password resets, account locking / unlocking notifications etc," Sadler said.

"PayPal initially said these were phishing emails, but on checking they originated from their servers, and when I carried out a password reset to the email address via the PayPal website, it worked, as expected."

So, at this point our man had a domain that was spamming him with emails from PayPal, while a complete stranger was desperately trying to get back control of a PayPal account that, for all they knew, had been hacked and was being used or sold.

You would think that, at this point, PayPal customer service would take an interest in the case and promptly resolve the matter by disabling or transferring the account. Unfortunately, Sadler tells us, that is not the case.

"None of the advisors I have spoken to seemed to have any understanding of how the domain name/email systems works," our reader explains, "and how someone else can end up receiving the emails, (I have a basic catch-all forwarder setup on the domain.)"

Unfortunately, other branches of PayPal don't seem much interested in dealing with this either. El Reg has made multiple inquiries to the payments giant without getting any human response.

Now, Sadler says he is open to suggestion on how to address this situation and give control of the account back to its rightful owner.

"I have searched for the account owner via Facebook, Google etc with no luck, I have contacted the company which the receipts are for with no luck (to be expected due to data protection)," Sadler said.

"I just want the account owner to secure his account, I can't believe PayPal have allowed this to go on for a year, not lock the account, or even contact the account owner to advise him on the problem."

If PayPal or anyone else would like to resolve this situation, they can get in touch. ®

Updated to add

And as if by magic, within hours of this story going live, the owner of the PayPal account was traced, and the profile was updated with a new email address. A win for the good guys. Still no word nor any signs of caring from PayPal, though.

If you have hit similar security nightmares, let us know, please, via the address above, and we'll try to help.