The Scary Truth About PayPal Security


Fort Knox or Facade?

PayPal – with billions of dollars in online and real-life goods and services being bought through it every day, one might easily believe that this company has a veritable fortress of security protocols in place to protect its customers’ financial information.

And while it’s true that PayPal does take security seriously, the fact is that no company is immune from every potential threat or exploit.

Hackers go out of their way to plant false cookies, send spoofed emails, and install “sniffers” in the background that actively look for security holes to exploit.

Potential threats can seem endless.

Beyond the common types of hacks, PayPal also has to watch out for zero-day vulnerabilities, which can manifest quickly and spread like wildfire before a patch is created or released.

For PayPal to Be Secure, Its Users Need to Be Secure

Even if PayPal’s own infrastructure is secure, they can’t always count on their users being as savvy.

“PEBKAC Error: Problem Exists Between Keyboard and Chair”

Many of us know someone – a relative or a friend perhaps – who received an honest-looking PayPal email telling them their account had been hacked, their password had been changed, or they had purchased something they know they didn’t buy.

Of course, when faced with this kind of message, many people instinctively insist “That wasn’t me!” and log in to a near-perfectly crafted replica, divulging their username and password, which are promptly shuttled into the eager hands of hackers and then sold to the underbelly of the digital black market.

Not surprisingly, these opportunists take no prisoners, draining bank accounts, making mass-purchases on credit cards and debit cards, and leaving the bewildered victim picking up the pieces of their shattered financial lives.

PayPal does its part to remind consumers not to click on links in emails from unrecognized senders, and to check their address bar for the common “https://” that denotes a secure site, but no method is 100% foolproof, especially when dealing with less tech-savvy users who choose guessable passwords like “love” and “123”.

The Defencely Difference

Defencely was recently honored on PayPal’s Wall of Fame for bringing a security issue to their attention that PayPal’s own engineers had failed to spot.  The Wall of Fame is an honor that few online security firms can claim – another testament which supports Defencely’s mission to make the web a safer place for everyone.

Not surprisingly, hackers are always trying to stay one step ahead of the antivirus, spyware and penetration testing companies.  But companies like Defencely are starting to beat them at their own game, putting up formidable digital walls that even the most sophisticated ‘script kiddies’ can’t break through.  Like modern-day burglars, hackers are only interested in easy access by any means possible.

And while PayPal must always stay active and prepared for new threats, it’s nice to know that there are companies like Defencely who are working alongside them, bringing new vulnerabilities to light and helping to squash exploits before they get a stranglehold on the server.


Defencely Recognized by PayPal for its Security Expertise


What a way to cap off a week. Defencely, along with its web application security services, has yet again appeared on the recent acknowledgement pages of the biggest giants of the web world. To start off, here is what Defencely provides:

  1. An antique set of quality security services.
  2. State-of-the-art Vulnerability Assessment and Penetration Tests.
  3. Quick code review with Code Auditing Services.
  4. Network Security Engagements.
  5. Mobile Application Security Engagements.
  6. Quality Reporting as Deliverables.

The benefits of Defencely’s services are too many to cover in this post. Before starting off: it is a precise formula for every company in the information security market to have an expert set of skilled developers, researchers, and home-grown entrepreneurs. Defencely, as it has now proved, has not fallen short on any of these and will continue providing the best 360-degree cyber security suite as professional services to MEGA corporate businesses, ensuring that business stays in safe hands with a complete security package at unbeatable price ranges. Quality assurance and beneficiaries matter to these big giants, and they could not keep their eyes moving fast enough when Defencely’s security experts lay their hands on the keyboard and start considering ‘security’ as their primary business of the day.

Within a short one year of commencing under its umbrella of expertise, Defencely has hand-picked security researchers, trained them in their respective portfolios, and is looking forward to creating history in India with its efforts to change the face of the industrial information security war, as it is played by the con and defended by the Defencely Standards. This post is about one of the many achievements Defencely is proud to share with the world wide web and its followers. The excerpt is given below:

Earlier this week we were recognized by AT&T on their Security Acknowledgements page, and now we’ve received the same from PayPal.

PayPal has recognized Defencely on its 2013 Big Bounty Wall of Fame, for our security work helping them keep their service as one of the safest ways to pay online.

PayPal oversees millions of transactions per day, so online security is of utmost importance to the successful running of its business.

We’re only happy to help businesses like PayPal stay secure, while making a positive influence on the online security community.

“Security success is the sum of small efforts, day in, day out.” That’s the motto we live by here at Defencely.
