[cryptography] not a Paypal phish using EV certificate

Andy Steingruebl andy at steingruebl.com
Tue Aug 13 12:40:21 EDT 2013


On Tue, Aug 13, 2013 at 9:25 AM, Ben Lincoln (F70C92E3) <
F70C92E3 at beneaththewaves.net> wrote:

>
> Unfortunately, it does look somewhat suspicious from a phishing
> perspective, especially if a link to a paypal.com subdomain redirects to
> it, which (to an end user) looks a lot like what happens when a link to a
> phishing site is disguised as a link to the real site.
>

Yep, but at the same time all links in the email point to the same domain
that the mail is from, rather than to things that aren't paypal.com, which
is by design from a monitoring, control, and anti-abuse perspective. That
way the user isn't making decisions about clicking on a link to a domain
they haven't heard of; they get routed through one they are more familiar
with.

- Andy
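
The design described in the reply above (every link in the mail stays under the domain the mail is sent from) can be checked before a template ships. The following is an added example, not code from the thread or from PayPal; the names `under_domain` and `off_domain_links`, and the placeholder domain `shop.example`, are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message; every domain here is a placeholder.
SAMPLE = (
    "From: Service <service@mail.shop.example>\n"
    "Subject: Receipt\n"
    "Content-Type: text/html; charset=utf-8\n"
    "\n"
    '<a href="https://links.shop.example/r/1">View</a>\n'
    '<a href="https://shop.example.tracker.invalid/r/2">Offer</a>\n'
    '<a href="https://notshop.example/r/3">Help</a>\n'
    '<a href="mailto:help@shop.example">Mail us</a>\n'
)


class HrefCollector(HTMLParser):
    """Collect the href value of every <a> tag."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]


def under_domain(host, domain):
    """True if host is domain or a subdomain of it (match on a label boundary)."""
    host, domain = host.lower().rstrip("."), domain.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def off_domain_links(raw_message, site_domain):
    """Return (sender is under site_domain, [http(s) links that are not])."""
    msg = message_from_string(raw_message)
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    collector = HrefCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
    bad = [h for h in collector.hrefs
           if urlsplit(h).scheme in ("http", "https")
           and not under_domain(urlsplit(h).hostname or "", site_domain)]
    return under_domain(sender_host, site_domain), bad
```

A plain substring or `endswith(domain)` test would accept both of the look-alike hosts in the sample, which is why the comparison is anchored on a leading dot.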