The Scary Truth About PayPal Security


Fort Knox or Facade?

PayPal – with billions of dollars in online and real-life goods and services being bought through it every day, one might easily believe that this company has a veritable fortress of security protocols in place to protect its customers’ financial information.

And while it’s true that PayPal does take security seriously, the fact is that no company is immune from every potential threat or exploit.

Hackers go out of their way to plant false cookies, send spoofed emails, and install “sniffers” in the background that actively look for security holes to exploit

Potential threats can seem endless.

Beyond the common types of hacks, PayPal also has to watch out for 0 day vulnerabilities which can manifest quickly and spread like wildfire before a patch is created or released.

For PayPal to Be Secure, Its Users Need to Be Secure

Even if PayPal’s own infrastructure is secure, they can’t always count on their users being as savvy.

“PEBKAC Error: Problem Exists Between Keyboard and Chair”

Many of us know someone – a relative or a friend perhaps – who received an honest-looking PayPal email telling them their account had been hacked, their password had been changed, or they had purchased something they know they didn’t buy.

Of course, when faced with this kind of message, many people instinctively insist “That wasn’t me!” and login to a near-perfectly crafted replica, divulging their username and password which are promptly shuttled into the eager hands of hackers and then sold to the underbelly of the digital black market.

Not surprisingly, these opportunists take no prisoners, draining bank accounts, making mass-purchases on credit cards and debit cards, and leaving the bewildered victim picking up the pieces of their shattered financial lives.

PayPal does its part to remind consumers about not clicking on any emails from unrecognized links or senders, and to check their address bar for the common “https://” that denotes a secure site, but no method is 100% foolproof, especially when dealing with less tech-savvy users who choose guessable passwords like “love” and “123”.

The Defencely Difference

Defencely was recently honored on PayPal’s Wall of Fame for bringing a security issue to their attention that PayPal’s own engineers had failed to spot.  The Wall of Fame is an honor that few online security firms can claim – another testament which supports Defencely’s mission to make the web a safer place for everyone.

Not surprisingly, hackers are always trying to stay one step ahead of the antivirus, spyware and penetration testing companies.  But companies like Defencely are starting to beat them at their own game, putting up formidable digital walls that even the most sophisticated ‘script kiddies’ can’t break through.  Like modern-day burglars, hackers are only interested in easy access by any means possible.

And while PayPal must always stay active and prepared for new threats, it’s nice to know that there are companies like Defencely who are working alongside them, bringing new vulnerabilities to light and helping to squash exploits before they get a stranglehold on the server.

[maxbutton id=”1″]