Slashdot Mirror

← Back to Stories (view on slashdot.org)

PayPal Security Flaw Allows Identity Theft

Posted by ryuzaki0 on from the watch-your-back dept.

miller60 writes "Phishing scammers are actively exploiting a security flaw in the PayPal web site to steal credit card numbers belonging to PayPal users. The scam tricks users into accessing a URL hosted on the genuine PayPal site, which presents a valid 256-bit SSL certificate confirming that the site belongs to PayPal. However, some of the content on the page has been modified by the fraudsters via a cross-site scripting technique, and victims are redirected to a spoof site that requests their account details."

2 of 212 comments (clear)

  1. hello? by dbucowboy · · Score: 0, Troll

    Sorry, but if you are dumb enough to still fall for the "Update your account" email then you deserve to have your identity stolen.

    --
    This just in! 3 out of 4 people make up 75% of the population.
  2. Netcraft confirms it by From+A+Far+Away+Land · · Score: 0, Troll

    I guess Netcraft has confirmed then, that PayPal is dying.

    Next expect scammers to use Skype to phone you for your password, PayPal to empty your bank account, and eBay to sell the goods they steal from you. eBay is offering crooks one stop shopping to rip you off.

    --
    Oh You POS