If a fraudulent person knows someone’s paypal user id and password, they can use it and download the theme. Since they entered the right user id and password, no one knows if this was entered by a fraud, and they can safely run away with the theme.

Now, that someone realizes this transaction is not done by him and disputes it with PayPal. Paypal is always on the buyer’s side and they pull the money from my account and give it back to the buyer and then everyone is happy !

Wait !

1. Paypal is happy as their only job is satisfy the buyer. Their Seller Protection Policy covers only products that can shipped. They do not cover intangible goods [like in this case, a wordpress theme].
2. The buyer is happy as he got his money back.
3. The fraud is happy as he got one of my premium themes without paying a penny and without getting caught.

but I am still at a loss here.
How do I prevent this from happening again? Please throw in your ideas to solve this issue.

Thanks.
Also Read:
Beware of these Paypal Payments !