July 10th, 2003, 09:12 PM
New site spoofs PayPal to get billing information
Complete Story : Here
A new Web site spoofs the PayPal Inc. online payment site and attempts to trick PayPal customers into divulging sensitive account and billing information. The fake Web site is the latest example in what security experts say is a rising trend of "brand spoofing" scams.
July 10th, 2003, 09:37 PM
Thanks Memory, that is the 3rd report I have seen this year on PayPal spoofing. I think it's a good target because alot of people that use paypal aren't really security "aware". As stated in other post, I am employed by a company in the financial business from an investor/banking perspective. I would like to offer another resouce for these kinds of attacks related to finance. The FDIC provides warning and documentaion for managing IT risk and assisting prfessionals in attempting to protect customers from fraud. You may not consider it a security resource but it is. http://www.fdic.gov Check out the IT link under "Regulation and Examination" I am constanlty worrying about protecting my own corporation's assets and in additon attempting to focus on ways to protect my customers as well. I don't use PayPal like some of you might, but I have to consider another major fraud, hacking peoples bank accounts at internet kiosks. We all see them in malls and airports. Based on my experience with them. DO NOT enter any personal information at one and I try to communicate that and not just leave my customers in the dark. Inform your customers through mailing list not to use paypal etc. unless it's a direct link from your site. Protect them as much as possible, we don't want them associating their misfortune with a transaction they did with a company you represent.
West of House
You are standing in an open field west of a white house, with a boarded front door.
There is a small mailbox here.