Comments on: PayPal: Phishing, Fundraising, And In The Lab

By: cyberpenguin

cyberpenguin — Sat, 19 Jan 2008 20:24:20 +0000

How can we verify that the PayPal Labs site you’ve listed is legit? I’ve searched at the actual PayPal site, & can’t find any references to widget development like this?

By: Standard Deviations » I’m on GigaOM - Sorta

Standard Deviations » I’m on GigaOM - Sorta — Sat, 03 Nov 2007 05:15:24 +0000

[...] enough, here it is – an article on PayPal fishing, something I wrote about a while [...]

By: Matt Cox

Matt Cox — Fri, 05 Oct 2007 18:41:40 +0000

Why doesn’t Yahoo! actually do something really good and respectable in working with a company such as Phishtank (http://www.phishtank.com) to have each external-linking url received in your Inbox emails run through Phishtank’s Fraud Protection check before redirecting you.

With Phishtank’s loyal and committed user-base submitting fraudulent urls to the database by the minute, it’ll ensure a lot more security for Yahoo! Mail users.

I’ve noticed most Yahoo! links run through some weird tracking url first – especially from search results. Can in-body links in email not display as:

http://phishtank.yahoo.com/fraudcheck?url=http://www.royalbankofscotland.givemeyourbankdetails.com

Which then, on clicking, performs the fraud check and takes you through to your website instantly if no problems were found. If the url were believed to be fraudulent, it could show a Yahoo! branded screen.

“We believe this page may be fraudulent. Continue at your own risk:

http://www.royalbankofscotland.givemeyourbankdetails.com (active link)”

Surely spending some Yahoo! cash on something like this would be far better for the internet than making another social network (Mash doesn’t seem to cut it just yet, and will be just full of idiots, like 360 is).

By: Saptarshi

Saptarshi — Fri, 05 Oct 2007 12:41:12 +0000

Isn’t domain keys already a pretty old standard in terms of email?? The only thing is that ebay/paypal are starting to use it now…