Mobile payment app PayPal at risk! Cybercriminals can steal your bank details

Mobile payment technologies lets customers to make transactions in a single click. But, recently, it has been discovered that PayPal would make easy for the cybercriminals to steal the bank data.

Cybercriminals uses a social-engineering techniques to convince the user to click on the link. Afterwards, they reset passwords, changes payment methods and withdraws money from the accounts.

The attackers can take the users money by using Clickjacking. This term is also known as a “UI redress attack” and is used by the attackers to trick users. Consequently, they use multiple transparent or hazy layers to fool users into clicking on a button or link on another page. By this, they hijacks the user’s mobile and acquires every bank details on the mobile.

However, PayPal has stated that one of the security researchers has alerted the team. Also, the researchers found a way to bypass PayPal’s Cross-Site Request Forgery (CSRF) Protection Authorization System during login in PayPal. Consequently, through the PayPal Bug Bounty program, the research team alerted the company. After that, PayPal team worked and tried to fix this threat quickly.