[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] PayPal issues another blow to user security

To: Rob Adams <rob@ebeep.org>
Subject: Re: [Full-Disclosure] PayPal issues another blow to user security
From: Dom Gallagher <dgallagher@starnetusa.net>
Date: Wed, 17 Dec 2003 13:22:35 -0600

At 11:09 AM 12/17/2003, Rob Adams wrote:

[[Warning -- I do not speak for, nor do I represnt, my employer. --Rob]]

Aaron Horst reported earlier this week that Paypal violates their own anti-phish policy. He received an official email that included a clickable link to "paypalcreditcard.com." Their stated policy is that they will only ever link to "paypal.com." Paypalcreditcard.com appears to be a legitimate web site operated by Paypal's business partner, Providian Financial Corporation.

I received a similar solicitation. I forwarded it to the "spoof@paypal.com." I think you'll enjoy the response:

=================

Dear Rob Adams,

Thank you for contacting PayPal.

Thank you for bringing this suspicious email to our attention. We can confirm that the email you received; was not sent to you by PayPal. The website linked to this email is not a registered URL authorized or used by PayPal. We are currently investigating this incident fully. Please do not enter any personal or financial information into this website. If you have surrendered any personal or financial information to this fraudulent website, you should immediately log into your PayPal Account and change your password and secret question and answer information. Any compromised financial information should be reported to the appropriate parties. If you notice any unauthorized activity associated with your PayPal transaction history, please immediately report this to PayPal by following the instructions below: 1. Go to https://www.paypal.com/ 2. Click on the Security Center at the bottom of the page 3. Click on "Report a Problem" 4. Select the Topic: Report Fraud 5: Select the Subtopic: Unauthorized use of my PayPal Account, and click Continue. 6. Follow the instructions to access the appropriate form

If you have any further questions, please feel free to contact us again.

Form letter. eBay loves 'em, and now Paypal seem to have jumped on the bandwagon.

If you check the original report, Paypal itself links to the so-called phishing site: https://www.paypal.com/cgi-bin/webscr?cmd=_help-ext&leafid=1782

Assuming the URLs were not spoofed with any of the usual fun tricks to catch the point-and-droolers, Paypal are either totally ignoring the actual content of abuse complaints or deliberately trying to blame the phishers for a poorly thought out marketing effort.

D.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] PayPal issues another blow to user security
  - From: "Exibar" <exibar@thelair.com>

References:
- [Full-Disclosure] PayPal issues another blow to user security
  - From: Aaron Horst <anthrax101@yahoo.com>
- Re: [Full-Disclosure] PayPal issues another blow to user security
  - From: Rob Adams <rob@ebeep.org>

Prev by Date: RE: [Full-Disclosure] IE Content Manager
Next by Date: [Full-Disclosure] NetBSD Security Advisory 2003-018: DNS negative cache poisoning
Previous by thread: Re: [Full-Disclosure] PayPal issues another blow to user security
Next by thread: Re: [Full-Disclosure] PayPal issues another blow to user security
Index(es):
- Date
- Thread