PayPal is one of the most popular online payment processors, but according to security researchers, millions of the service’s users might be at risk due to system flaws.
PayPal is used by millions of people around the globe for making payments, sending money, storing funds, getting paid for their work, and more. As such, it is one of the most effective and user-friendly payment companies out there. However, its millions of users are now reportedly in danger of getting robbed, as security researchers from CyberNews report extremely dangerous vulnerabilities in its systems.
Researchers have reported six major issues that the service suffers from earlier this year, in January. Three of them were fixed by PayPal since the service initially contacted the payment firm, but three still remain, and they include the most serious of the six original flaws.
Another important problem is that PayPal claims that two of the remaining three flaws are not their own responsibility. According to CyberNews’ Senior Researcher, Bernard Meyer, the firm has decided to make the flaws public as people need to be warned of the flaws that PayPal refuses to take care of.
According to the report, around 305 million account holders are in danger of hackers, while PayPal only gives vague responses, denial, and its staff remains unresponsive. The company did not receive a bounty, credit, nor even thanks for the flaws that they reported thus far.
The disclosed flaws can be exploited if the hackers attain the users’ emails and passwords from the dark web. They can then bypass PayPal’s 2FA, and steal the money from the company’s users. Hackers can even bypass other security features and measures that are there to detect suspicious activity.
Still, there are actions that users can take to protect themselves better, such as changing the current password to another one — a unique, more complex one. Further, users should have a premium, up-to-date antivirus software on their devices — particularly computers and smartphones.
Finally, users should also consider getting a VCC (Virtual Credit Card), as they are well-established and they allow users to spend money online with their card details protected. In addition, people should try not to hold large amounts, or really any mounts on their accounts, not including actual bank accounts.