[Noisebridge-discuss] Paypal "account verification"
travis+ml-noisebridge at subspacefield.org
travis+ml-noisebridge at subspacefield.org
Sat May 29 05:44:34 UTC 2010
On Fri, May 28, 2010 at 10:24:12PM -0700, Sai Emrys wrote:
> I just logged in to paypal and got a screen asking me to give the full
> account number for one of my accounts, plus new password & security
> questions.
>
> It claims to be 'account maintenance' and at first I thought it was a
> phish, but the SSL checks out and it provided the last 4 of my PP-tied
> accounts, so I suspect it's more like they flagged my account for some
> reason.
>
> Anyone know what's going on? First I've seen of it.
Accessing the site from a different country or browser triggered extra
security checks. They do browser fingerprinting, including plugins
and screen resolution, and any major changes could trigger something
like this.
(I worked in security, but not in the account protection group, so
this is informed speculation on my part)
Yeah, it's weird, and IMHO a little intrusive, but since they
generally make customers whole if there's fraud, they have reason to
be more aggressive than they would be if they made it your problem.
--
A Weapon of Mass Construction
My emails do not have attachments; it's a digital signature that your mail
program doesn't understand. | http://www.subspacefield.org/~travis/
If you are a spammer, please email john at subspacefield.org to get blacklisted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.noisebridge.net/pipermail/noisebridge-discuss/attachments/20100528/f6b58674/attachment-0003.sig>
More information about the Noisebridge-discuss
mailing list