Slashdot Mirror

← Back to Stories (view on slashdot.org)

PayPal Security Flaw Allows Identity Theft

Posted by ryuzaki0 on from the watch-your-back dept.

miller60 writes "Phishing scammers are actively exploiting a security flaw in the PayPal web site to steal credit card numbers belonging to PayPal users. The scam tricks users into accessing a URL hosted on the genuine PayPal site, which presents a valid 256-bit SSL certificate confirming that the site belongs to PayPal. However, some of the content on the page has been modified by the fraudsters via a cross-site scripting technique, and victims are redirected to a spoof site that requests their account details."

1 of 212 comments (clear)

  1. Re:Identity "Theft"? by goldspider · · Score: 0, Flamebait

    You are correct. My identity has never been physically taken from me without (or with, for that matter) my consent.

    (and 2 down-mods on a single post constitutes "excessive bad posting"? What kind of fascists are running this site?)

    --
    "Ask not what your country can do for you." --John F. Kennedy