You are here: silicon.com > Financial Services > News

PayPal tackles phishing trap

Info thieves hosted malicious code on official website...

Tags: paypal, phishing, phishing scam

By Joris Evers

Published: 19 June 2006 08:25 GMT

PayPal has fixed a flaw in its website to block a sophisticated scam designed to obtain sensitive data from members, the payment service said on Friday.

By exploiting the flaw, attackers were able to redirect people from a PayPal web page to an online trap located in South Korea, a representative for the service said. The page actually has a real PayPal URL but hosts malicious code that presents a message warning members that their account had been compromised. It then redirects them to a "phishing" website.

At the malicious, information-thieving website, people are asked for their PayPal login information, experts at Netcraft, an internet monitoring company in England, said in an advisory. Subsequently, the scammers are urged to enter their Social Security number and credit card details, Netcraft said.

A PayPal spokeswoman said in an interview: "As soon as we became aware of this scheme, we changed some of the code on the PayPal website. So this scheme, or any scheme like it, can no longer be effective."

PayPal, a unit of online auctioneer eBay, is working with the ISP that hosts the malicious site to get it shut down, the spokeswoman added. The company has no information on how many people may have fallen victim to the scam, she said.

Joris Evers writes for CNET News.com

Add comment

Print story with

Email story

Okay. As a PayPal account holder, I'm happy that P...
Charlie Orlando Smith

Click here to see all

PayPal users get to buy by text message

PayPal kicks off UK credit card

Where next for PayPal?

PayPal glitch causes duplicate account withdrawals

Gartner: PayPal threatens banking business

In silicon.com

silicon.com Financial Services
Get the latest financial services news straight to your inbox. Sign up for the FS newsletter today!

FS News

Telegraph CIO on the rocky road to going Google

Phishers set their sights on corporate accounts

Microsoft to Office Accounting: Your number's up

How to pay for your Amazon purchases with a feisty mango

Parking in the West End goes contactless

FS Case Studies

VocaLink makes virtualisation pay

Co-op Group kicks "server sprawl" into touch

Torex tech treats Thorntons to quicker sales

How outsourcing saved Zurich's IT

Betfair betting engine goes supersonic

Lloyds TSB banks on SAP SRM

Jobs

Resource Planning Manager

You will also provide support and information for realtime planning as well as support and information for the billing process.Principle ...

Scorecard Manager (SAS) - Midlands - 40-60k +Bonus

Ideally from a Bank/Credit Card company background with superb management experience.Necessary experience:-SAS-Scorecard ...

Senior Customer Support Engineer, Leeds BSF

s core values by providing a great working environment and our active sports & social team hosts a wide variety of events such as a summer party, ...

FS Commentary

Tim Ferguson
On a new Voyager, tackling fraud and the intellectual challenge
Interview: Nationwide IT director, Peter Stafford

Nick Heath
David Lister on smart grids and why he left RBS
Interview: National Grid CIO

Andy Jones
Why banks will push ahead with offshoring
Comment: Even if they don't want to

Catherine Stagg-Macey
Legacy IT holding back insurers
Comment: Economic crisis means finance giants must step lively

Julian Goldsmith
The City fund manager with no IT department
Q&A: How asset management is embracing the cloud...

Peter Cochrane
Peter Cochrane's Blog: How tech can solve the banking crisis
Bring on a machine-based economy

Special Report Focus

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.