Genuine PayPal emails with spoof URLs
19/10/2007 at 08:35
PayPal emails are corrupt this morning. They are arriving for valid transactions with the PayPal URL replaced by an error. The links in the email including picture links all refer to https://SECURE.UNINITIALIZED.REAL.ERROR.COM/uk/vst/id=xx
It has to be more than a little embarrassing for PayPal just as the number of phishing emails are falling and they’ve implemented domain keys to then insert a load of dodgy URLs into their payment notification emails.
Steve H says
8:42 am on 19/10/2007
This has been happening for about 2 weeks now. When you look at the affected transactions from within Paypal, all have the user’s email in place of the eBay user id for some reason.
Chris Dawson says
9:28 am on 19/10/2007
It’s not the user id/email address that’s the problem, it’s the fact it’s a totally incorrect URL – that’s only appeared this morning
Allotment says
11:50 am on 19/10/2007
Steve is right, It has been happeing for a couple of weeks on a small percentage of payment emails (missing id and incorrect URL). I reported it to PayPal when I got the first one, have heard nothing since but still continue to receive them…
Allotment says
11:51 am on 19/10/2007
I think it started soon after their announcement re Domain keys..
Sue Bailey says
1:07 pm on 21/10/2007
Like Steve, I’ve been getting the secure.uninitialised etc. thing for a couple of weeks, but it appears to be fixed this morning.