also @ TechSpot: ATI Radeon HD 5970 Review: Dual-GPU Graphics

Most Popular

Top Stories Commented  Featured 

Weekend Open Forum: Google Chrome OS and the future of cloud computing  featured

Tech Tip of the Week: Unearth Region-Specific Windows 7 Themes  featured

Google previews its upcoming Chrome OS

Mozilla reveals 2008 revenue, rumors say Firefox coming to PS3

Sony: PlayStation 3 to be 3D-capable via firmware update

Xbox Live bans prompt class action lawsuit

Radeon HD 5970 supplies dry up quick, not a big surprise

Dell intros the multitouch-capable Studio 17 Touch

More Top Stories

Downloads & Drivers

Downloads   Drivers  

Norton Virus Definitions 2003-07 November 20, 2009

AVG Anti-Virus Updates November 20, 2009

Norton Virus Definitions 2008-09 November 20, 2009

avast! Virus Definitions November 20, 2009

McAfee SuperDAT Update 5808

More Downloads

TS Community

Recent Discussion   User Gallery  

Sony: PlayStation 3 to be 3D-capable via firmware update

No video on dvd

New SATA Drive

Windows 7 is a start button tweak possible?

PNY 9800GT temps

More at the Forum

Subscribe

Newsletter Our Feeds

Receive weekly updates on new articles, news and contests in your mail!

Email address:

Information Technology

PayPal vulnerability leaves users open to fraud

By Justin Mann, TechSpot.com
Published: June 16, 2006, 3:39 PM EST
PayPal users be cautioned, there is another security vulnerability that has been discovered with the PayPal system that goes a step beyond the “Your account is disabled” e-mails. This phishing technique actually uses a valid PayPal URL and even provides a valid security certificate, but uses an injection technique to override PayPal's page and redirect to a 3rd-party site. Due to the browser having valid URLs, many could easily be fooled into supplying the 3rd-party site with PayPal credentials, of course leaving them open to being ripped off. As the warning mentions, people using the Netcraft toolbar won't be affected as it automatically blocks the 3rd-party site (now that it has been discovered), but many others probably won't be so lucky

4 comments
RSS

User Comments (4)

Post a comment
DragonMaster
on June 16, 2006
4:07 PM		Also, when I receive PayPal e-mails in an e-mail account that isn't even suscribed to it, I just don't trust this.

What to look for : Real PayPal e-mails have your username in them!

Julio
on June 17, 2006
4:23 AM		In general, it's a bad idea to click email links to anything related to your Paypal or bank accounts, same goes with eBay accounts, etc.

DragonMaster
on June 17, 2006
9:44 AM
In general, it's a bad idea to click email links to anything related to your Paypal or bank accounts, same goes with eBay accounts, etc.
Especially since the real PayPal mails tell you to open your browser and type paypal.com manually instead of click the link in the e-mail...

DragonMaster
on June 17, 2006
5:21 PM		http://news.com.com/PayPal+fixes+phishing+hole/2100-7349_3-6084974.html?tag=nefd.top

Fixed!

Browse more commented news