[ale] PayPal "Man in the Middle" attack?

Mondo Hondo knerdly1 at gmail.com
Fri May 3 17:24:28 EDT 2013


Thanks all, I write this after booting from a live-disk and changing all
passwords of any consequence.

Why isn't changing the user ID a part of the security equation? This I've
always wondered.


On Fri, May 3, 2013 at 1:49 PM, Mondo Hondo <knerdly1 at gmail.com> wrote:

> My dilemma is as follows:
>
> 1) I fat fingered the following: "www.lpaypal.com" .
> 2) I did not reach PayPal, but some alternative site offering things I did
> not want.
> 3) I retyped, "www.paypal.com" in the address bar.
> 4) Signed-in PayPal, endeavored to transfer funds and got a security
> warning , "You probably are not reaching the site you wanted...click
> here...back to safety."
> 5) The warning stated that I was reaching (IIRC) "www.roverpal.com" the
> address bar read "www.paypal.com/....."
> 6) I figured that there were DNS  shenanigans, so I: shutdown, reset my
> clear modem and Linksys router, and then rebooted.
> 7) I signed into PayPal, conducted my business, and logged-out.
>
> Now I feel remorse. Was that foolish?
>
> Thanks,
> Preston
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20130503/919213f2/attachment.html>


More information about the Ale mailing list