Paypal Advises Users To Stop Using Safari 362
eldavojohn writes "Over concerns for lack of an anti-phishing mechanism for Safari, Paypal is telling its Mac users to use another browser. An author from Ars Technica reveals that he has been using Camino and has fallen victim to a Paypal related phishing scam via e-mail so this story must hit home for him. 'Currently the Apple browser does not alert users to sites that could be phishing for your info, and it lacks support for Extended Validation. PayPal is, of course, a popular site among phishers in their neverending search for personal information, user IDs, and passwords. While it's not entirely fair singling out Safari (other Mac browsers like Camino also lack this support), it is perhaps at least a helpful reminder of the threat.'"
In other news... (Score:1, Informative)
OpenDNS to the rescue (Score:5, Informative)
What nonsense. (Score:5, Informative)
IE over Safari? Really? I can understand wanting a good free browser like Firefox on OSX but IE? Do they even have IE 7 for OSX yet? The article Ars points to [yahoo.com] says that this is driven by IE7 users not quiting PayPal. The fishing stuff is pure speculation and not even Microsoft thinks IE7 fishing protection is effective:
Rather than percieved security, I think the reason they see more IE7 users still logging in is because IE7 users are the kind of sheep that move along when prodded. They are using Windows, right? Like sheep to the slaughter, every day.
I've got a paypal account. I don't use it much because I don't use Ebay much. I would never use an emailed link to visit the site because it's just as easy to find the right page through Paypal itself. If they make it hard, they don't deserve my business.
Re:What nonsense. (Score:3, Informative)
Re:Maybe Apple should... (Score:3, Informative)
Fish all you want... (Score:5, Informative)
They can get my paypal username and password, but they still need the electronic key that only *I* have. I suggest anyone who actually uses paypal get one of these, they are trivial to use and paypal is selling them incredibly cheaply.
Re:Maybe Apple should... (Score:5, Informative)
Safari is better for this strategy since it uses the secure key chain and not the - last time I checked - weak obfuscation that Firefox uses.
Re:OpenDNS to the rescue (Score:1, Informative)
oh, and you also get some other cool features, like having any email, ssh, IM, or well, all, of your network connections go to OpenDNS servers when connecting to broken, mistyped, or if-they-just-feel-like-it, domains.
EASILY fixed - never click on email links (Score:5, Informative)
Paypal will NEVER require you to click on a link in an email. All ebay functions can be accessed from my.ebay.com. My bank specifically states 'we will never send you links in an email, ALWAYS type in our website address yourself'.
Follow that advice and you have no problems. PERIOD.
If you think the email is legit, log into the site you type in yourself and see if there is an alert. Or ring them yourself. (On a side note I once had a credit card company ring ME and refuse to say who they were until I confirmed who I was by giving my DOB. I rang them back on the proper number and went off at them.)
Case closed yadda yadda.
Re:Uhm, no (Score:4, Informative)
Solution is simple (Score:4, Informative)
No ads required in Safari (Score:4, Informative)
Paypal hasn't been Safari friendly for a while (Score:2, Informative)
Re:EASILY fixed - never click on email links (Score:3, Informative)
Happened to me once, with a Wells Fargo credit card. Except it wasn't a person, it was a computer! (ie, voice prompts). And it wanted me to enter not my DOB, but my SSN!! At first I was sure it was a scam, that there was no way my bank would do something so stupid. But after hanging up & calling them back directly, I found out it was something they do. It's so sad how poor the security is for credit card related stuff these days in the US.
Re:Maybe Apple should... (Score:3, Informative)
Anyways, there's an easy, system-independent solution for at the very least your input troubles: Localized keyboards. You seem to be using lots of international characters (ë is french, ö is german, £ english), you may want to try the German (Switzerland) keyboard layout. It's a bit more convoluted than en-US (up to four or five characters on a single key), but it does have all the chars you get on en-US, all the chars you need for german, french, italian, conversations about english, american or european currencies.
Check it out [biocrawler.com]