[cryptography] Paypal phish using EV certificate
cloos at jhcloos.com
Tue Aug 13 20:22:12 EDT 2013
>>>>> "PG" == Peter Gutmann <pgut001 at cs.auckland.ac.nz> writes:
PG> Even though, according to the second article I referenced, Paypal said it was
PG> a phishing site and said they'd take it down?
It looks like paypal aquired it around the date of that article, and
registered it with Markmonitor:
Domain Name: PAYPAL-COMMUNICATION.COM
Registrar: MARKMONITOR INC.
Whois Server: whois.markmonitor.com
Creation Date: 06-apr-2011
So although that domain name might have originated as a phish site, it
seems paypal has decided to use it to disassociate marketing mail from
their transaction report mail.
Separation of important mail from marketing mail by using different
domains for each is a common tactic in the control-spam-but-get-the-
James Cloos <cloos at jhcloos.com> OpenPGP: 1024D/ED7DAEA6
More information about the cryptography