PayPal

The H-Security: Until just a few days ago, web sites belonging to the world’s largest online payment service contained a security vulnerability in a key component that could have been exploited by fraudsters to steal information from customers. PayPal fixed the vulnerability shortly after being notified of its presence by The H’s associates at heise Security. The eBay subsidiary was, however, unable to give any information on how such a serious security problem could have remained undetected. ...

Righard Zwienenberg, Chief Research Officer at Norman posted this on Norman Security Blog, Thanks to Mr.Fagerlid for sharing: I have been a user of PayPal for many years, actually ever since PayPal opened its services for international users. PayPal, originally only for US citizens, is now used worldwide with local offices in many countries. From the Dutch affiliate, I just received the next message from PayPal (the actual message was in Dutch, see picture below): ...

Usually I have to wonder how much inventiveness the spammers and Phishers show. But, from time to time, it is funny to see some really stupid Phishing attempts. I do hope that nobody is falling for these puny attempts to fake Paypal we found today. The email below is being sent with a German subject line and it is pretending to come from a German mail address, but the mail itself is written in English and it is allegedly pointing to paypal.com instead of paypal.de. ...

PayPal users are at risk of getting their credentials stolen if they follow instructions given in a scam email. “We have reason to believe that your account was accessed by a third party…. PayPal will verify it with your bank records for your own protection. If you provide a wrong PIN your account will be suspended or limited for unauthorized account access.” ...