Phishing scam uses PayPal secure servers
A cross-site scripting flaw in the PayPal website allows a phishing attack to masquerade as a genuine PayPal login page with a valid security certificate, according to security researchers.
Fraudsters are exploiting the flaw to harvest personal details, including PayPal logins and credit card details, according to staff at Netcraft, an internet services company in Bath.
At PC Advisor.
[ Read more ]