Home › News › Industry News

PayPal vulnerability leaves users open to fraud

On June 16, 2006, 3:39 PM

PayPal users be cautioned, there is another security vulnerability that has been discovered with the PayPal system that goes a step beyond the “Your account is disabled” e-mails. This phishing technique actually uses a valid PayPal URL and even provides a valid security certificate, but uses an injection technique to override PayPal's page and redirect to a 3rd-party site. Due to the browser having valid URLs, many could easily be fooled into supplying the 3rd-party site with PayPal credentials, of course leaving them open to being ripped off. As the warning mentions, people using the Netcraft toolbar won't be affected as it automatically blocks the 3rd-party site (now that it has been discovered), but many others probably won't be so lucky

No tags on this story

Next Article: Microsoft's Patch Tuesday brings problems to dial-up connections

4 comments

User Comments: 4

Got something to say? Post a comment

June 16, 2006 4:07 PM

DragonMaster said:

Also, when I receive PayPal e-mails in an e-mail account that isn't even suscribed to it, I just don't trust this.What to look for : Real PayPal e-mails have your username in them!

Reply
June 17, 2006 4:23 AM

Julio said:

In general, it's a bad idea to click email links to anything related to your Paypal or bank accounts, same goes with eBay accounts, etc.

Reply
June 17, 2006 9:44 AM

DragonMaster said:

[quote] In general, it's a bad idea to click email links to anything related to your Paypal or bank accounts, same goes with eBay accounts, etc.[/quote]Especially since the real PayPal mails tell you to open your browser and type paypal.com manually instead of click the link in the e-mail...

Reply
June 17, 2006 5:21 PM

DragonMaster said:

[url]http://news.com.com/PayPal+fixes+phishing+hole/2100-7349
3-6084974.html?tag=nefd.top[/url]Fixed!

Reply

Recently commented stories

TechSpot on:

Most Popular

Trending

Featured

Featured on Cameras

Downloads and Drivers

Downloads

Drivers

WinMPG Video Convert 9.3.5

TurboFTP 6.30.940

Wise Youtube Downloader 1.23

System Cleaner 7.3.2.280

aTube Catcher 3.8.1390

More Downloads

Latest Discussion

HDD vs USB vs SSD boot 6 replies on Storage and Networking

How to remove write protection of USB mass storage with no visible lock/unlock 12 replies on Storage and Networking

Moar Free Dota2 6 replies on Gaming

Graphics Card Question 5 replies on Audio and Video

Unsure if my new graphics card will work with my PC 7 replies on Audio and Video

More Recent Discussion

Subscribe to TechSpot

Get free exclusive content, learn about new features and breaking tech news.

TechSpot

Welcome to TechSpot

Home › News › Industry News

PayPal vulnerability leaves users open to fraud

Next Article: Microsoft's Patch Tuesday brings problems to dial-up connections

User Comments: 4

Post a new comment

TechSpot on:

Most Popular

Building a Thin Mini-ITX PC: Small and Silent Performance

'Supercapacitor' could fully charge your phone in less than 30 seconds

Metro: Last Light Tested, Benchmarked

Microsoft launches YouTube app, Google demands it taken down

Bill Gates is once again the richest person in the world

Metro: Last Light Performance, Benchmarked

Building a Thin Mini-ITX PC: Small and Silent Performance

Metro: Last Light Review

Gigabyte U2442F Ultrabook Review

8 Free to Play Games That Are Too Good to Be True

Featured on Cameras

86 Nikon D7100

81 Nikon D5200

72 Nikon 1 J3

83 Canon EOS 650D Rebel T4i

96 Nikon D800E

Downloads and Drivers

Latest Discussion

Subscribe to TechSpot

Featured Tech Content - Inside TechSpot

	Social Login & Guest Posting Post as anonymous user			TechSpot Members Login here or sign up for free, it takes about a minute.
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.