Most Popular
| Top Stories | Commented | Featured |
ATI Radeon HD 5570 Review featured
Intel Core i5-based MacBook Pros coming soon?
AMD's six-core Thuban to have feature like Turbo Boost?
Google to launch Twitter-like service for Gmail
Intel unveils Itanium 9300 series enterprise processors
Netflix to roll out 1080p streaming later this year
TechSpot RSSIndustry News
PayPal vulnerability leaves users open to fraud
PayPal users be cautioned, there is another security vulnerability that has been discovered with the PayPal system that goes a step beyond the “Your account is disabled” e-mails. This phishing technique actually uses a valid PayPal URL and even provides a valid security certificate, but uses an injection technique to override PayPal's page and redirect to a 3rd-party site. Due to the browser having valid URLs, many could easily be fooled into supplying the 3rd-party site with PayPal credentials, of course leaving them open to being ripped off. As the warning mentions, people using the Netcraft toolbar won't be affected as it automatically blocks the 3rd-party site (now that it has been discovered), but many others probably won't be so lucky
User Comments (4)
Post a comment| DragonMaster on June 16, 2006 4:07 PM | Also, when I receive PayPal e-mails in an e-mail account
that isn't even suscribed to it, I just don't trust
this. What to look for : Real PayPal e-mails have your username in them!
|
| Julio on June 17, 2006 4:23 AM | In general, it's a bad idea to click email links to anything
related to your Paypal or bank accounts, same goes with eBay
accounts, etc.
|
| DragonMaster on June 17, 2006 9:44 AM | In general, it's a bad idea to click email links to
anything related to your Paypal or bank accounts, same goes
with eBay accounts, etc. Especially since the real
PayPal mails tell you to open your browser and type
paypal.com manually instead of click the link in the
e-mail...
|
| DragonMaster on June 17, 2006 5:21 PM | [link] Fixed!
|
