PayPal users vulnerable for years
Not a day goes by when the Browser doesn't receive an email purportedly sent by PayPal. They're almost all transparent fakes, sent by hackers trying to trick PayPal users into giving up passwords so that they can seize control of their accounts. The hackers, however, are getting more sophisticated, and lately the fear is that some may have been using a formidable attack called "cross-site scripting."
And Netcraft, a British security-research company, says that PayPal had a security vulnerability to cross-site scripting attacks that went undetected for two years before Netcraft pointed it out and PayPal fixed the problem. Computerworld notes that Chris Marlow, a concerned PayPal user, tried to notify the company of the problem back in 2004, but wasn't able to get through to anyone.
Is PayPal being responsive enough to potential security problems? Leave a comment below.
I get those fishing attacks, supposedly sent by paypal
at least once a week. The sad part is, some one will fallfor it and give up
information that can be exploited.
Paypal is dangerous in alot of ways. They take money from account holders in the name of security, they inflate their account holder numbers to look good on wall street by counting dead or closed accounts. The deception is huge and that is what they are all about besides fleecing their account holders so the security issue is nothing to them.
PayPal is no different from many such companies who depend on technology but fail to listen regarding potential problems. I've been up most of the night covering the posterior of one which failed to address obsolete hardware until it becme critical and has suffered intermittent failures for months.
Customer service told me "phishing" was like spam. Nothing to be done about it. I am not sure if their brand manager would be happy about this.
The security at PAYPAL must be poor. The phishers must be looking at a email list left unsecure by paypal, or they (paypal) have a inside phisher.
PayPal is no differnet than most e-commerce companies in that if you have a problem it just will not go away, even if you call the laywers (speaking from experience).
i will never use it ever again.......
JUST SAY NO TO 'PAYHELL'
No I don't think they are because I too was tricked by a fake e-mail and my identity was stolen. I think PayPal should buckle down and do something about this
CNNMoney.com Comment Policy: CNNMoney.com encourages you to add a comment to this discussion. You may not post any unlawful, threatening, libelous, defamatory, obscene, pornographic or other material that would violate the law. Please note that CNNMoney.com makes reasonable efforts to review all comments prior to posting and CNNMoney.com may edit comments for clarity or to keep out questionable or off-topic material. All comments should be relevant to the post and remain respectful of other authors and commenters. By submitting your comment, you hereby give CNNMoney.com the right, but not the obligation, to post, air, edit, exhibit, telecast, cablecast, webcast, re-use, publish, reproduce, use, license, print, distribute or otherwise use your comment(s) and accompanying personal identifying information via all forms of media now known or hereafter devised, worldwide, in perpetuity. CNNMoney.com Privacy Statement.