Phishing Scam Uses PayPal Secure Servers

Discussion in 'News' started by Mr.Cheeks, Jun 19, 2006.

  1. Mr.Cheeks

    Mr.Cheeks 1st ever Gold Member! Gold Member

    5,373
    89
    190
    Phishing Scam Uses PayPal Secure Servers

    A cross-site scripting flaw in the PayPal Web site allows a new phishing attack to masquerade as a genuine PayPal log-in page with a valid security certificate, according to security researchers.

    Fraudsters are exploiting the flaw to harvest personal details, including PayPal log-ins, Social Security numbers, and credit card details, according to staff at Netcraft, an Internet services company in Bath, England. The PayPal site, owned by eBay, allows users to make online payments to one another, charged to their credit cards, and log-in credentials for the service are a prized target of fraudsters.

    What Happens

    The attack works by tricking PayPal members into following a maliciously crafted link to a secure page on PayPal's site. Anyone thinking to check the site's security certificate at this point will see that it is a valid 256-bit certificate belonging to the site, Netcraft employee Paul Mutton wrote in the company's blog today.....

    To read the rest of the article, click here...
     
porta2_tags:

Comments

    1. twizzle
      twizzle
      Well i can say that i have had emails sending me to paypal stating that my details have changed or that a new email address was added to my account. I know that these were possible phissing mails as they used an email addy that i have never registered with paypal to contact me. I did report them at first to paypal, but as i still get them i dont think anything got done about it (was months ago i reported and i had one last week.)

      Always check the mail address that its sent to i say.... I do have a paypal account but never on the one the scam mail was sent to. Plus i never click links to paypal in emails, i always open new windows and type the addy in manually. IT pays to be cautious and aware that these things happen!

    Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.