[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] PayPal "Man in the Middle" attack?

Subject: [ale] PayPal "Man in the Middle" attack?
From: cluon at geeklabs.com (Mike Harrison)
Date: Fri, 3 May 2013 16:31:26 +0000 (UTC)
In-reply-to: <CAPUGC6mGuEpcLZDq9e4cxOBtz4xZXH0g=VbnU6a2FZbYKK33=g@mail.gmail.com>
References: <CAPUGC6mGuEpcLZDq9e4cxOBtz4xZXH0g=VbnU6a2FZbYKK33=g@mail.gmail.com>

> Now I feel remorse. Was that foolish?

Go to the real paypal.com and change your passwords.

When I hit a fake capture website, I kill my browser(s).
re-open it on one of my personal websites.
clear all cache, passwords, etc..
kill my browser again.. and restart it.

Paranoid and completely thoretically not needed, I know..

If I'm bored and killing time.. I have fired up sniffers
and gone to the legit site and logged in (with an invalid password or a 
trash account) just to watch the Javascript running in a window somewhere
or in the page I'm on do weird things and try to call home.
Sometimes you'll see things.. sometimes not.

References:
- [ale] PayPal "Man in the Middle" attack?
  - From: knerdly1 at gmail.com (Mondo Hondo)

Prev by Date: [ale] PayPal "Man in the Middle" attack?
Next by Date: [ale] PayPal "Man in the Middle" attack?
Previous by thread: [ale] PayPal "Man in the Middle" attack?
Next by thread: [ale] PayPal "Man in the Middle" attack?
Index(es):
- Date
- Thread