Slashdot Mirror


PayPal Security Flaw Allows Identity Theft

miller60 writes "Phishing scammers are actively exploiting a security flaw in the PayPal web site to steal credit card numbers belonging to PayPal users. The scam tricks users into accessing a URL hosted on the genuine PayPal site, which presents a valid 256-bit SSL certificate confirming that the site belongs to PayPal. However, some of the content on the page has been modified by the fraudsters via a cross-site scripting technique, and victims are redirected to a spoof site that requests their account details."

2 of 212 comments (clear)

  1. Identity "Theft"? by goldspider · · Score: -1, Flamebait

    I'm really tired of hearing this term. Nobody's identity is being physically stolen; therefore it is not theft. Please reference a SINGLE case when a "victim" woke up to find that he/she NO LONGER HAD AN IDENTITY!! It's even more absurd than arguing that copyright infringement is theft!

    It really grinds my gears when industry lobbyists and shills use inflammatory rhetoric to exaggerate the impact of mundane, victimless crimes.

    --
    "Ask not what your country can do for you." --John F. Kennedy
    1. Re:Identity "Theft"? by goldspider · · Score: 0, Flamebait

      You are correct. My identity has never been physically taken from me without (or with, for that matter) my consent.

      (and 2 down-mods on a single post constitutes "excessive bad posting"? What kind of fascists are running this site?)

      --
      "Ask not what your country can do for you." --John F. Kennedy