Is this Paypal Github SDK reference really a dangerous site?
I'm working on integrating a payment system with paypal in C#, and I installed the official paypal nuget package. Then I went to the paypal github site.
And linked to this below site (SDK Reference).
At this point both Chrome and Firefox warned me about
Deceptive Site Ahead
Is this site really dangerous?
URL's are listed here so that people don't need to click on potentially dangerous links:
https://github.com/paypal/PayPal-NET-SDK
http://paypal.github.io/PayPal-NET-SDK/Samples/PaymentWithPayPal.aspx.html
web-browser credit-card account-security
asked Mar 8 at 8:51
user230910user230910
368137
add a comment |
I'm working on integrating a payment system with paypal in C#, and I installed the official paypal nuget package. Then I went to the paypal github site.
And linked to this below site (SDK Reference).
At this point both Chrome and Firefox warned me about
Deceptive Site Ahead
Is this site really dangerous?
URL's are listed here so that people don't need to click on potentially dangerous links:
https://github.com/paypal/PayPal-NET-SDK
http://paypal.github.io/PayPal-NET-SDK/Samples/PaymentWithPayPal.aspx.html
web-browser credit-card account-security
asked Mar 8 at 8:51
user230910user230910
368137
4
Seems to be fixed in Chrome now.
– Omegastick
Mar 8 at 15:28
6
I don’t know why PayPal doesn’t self host this anyway. Especially since this is getting served over HTTPS.
– zero298
Mar 8 at 23:03
add a comment |
I'm working on integrating a payment system with paypal in C#, and I installed the official paypal nuget package. Then I went to the paypal github site.
And linked to this below site (SDK Reference).
At this point both Chrome and Firefox warned me about
Deceptive Site Ahead
Is this site really dangerous?
URL's are listed here so that people don't need to click on potentially dangerous links:
https://github.com/paypal/PayPal-NET-SDK
http://paypal.github.io/PayPal-NET-SDK/Samples/PaymentWithPayPal.aspx.html
web-browser credit-card account-security
asked Mar 8 at 8:51
user230910user230910
368137
I'm working on integrating a payment system with paypal in C#, and I installed the official paypal nuget package. Then I went to the paypal github site.
And linked to this below site (SDK Reference).
At this point both Chrome and Firefox warned me about
Deceptive Site Ahead
Is this site really dangerous?
URL's are listed here so that people don't need to click on potentially dangerous links:
https://github.com/paypal/PayPal-NET-SDK
http://paypal.github.io/PayPal-NET-SDK/Samples/PaymentWithPayPal.aspx.html
web-browser credit-card account-security
web-browser credit-card account-security
asked Mar 8 at 8:51
user230910user230910
368137
asked Mar 8 at 8:51
user230910user230910
368137
edited Mar 8 at 9:05
user230910
asked Mar 8 at 8:51
user230910user230910
368137
asked Mar 8 at 8:51
user230910user230910
368137
asked Mar 8 at 8:51
user230910user230910
368137
368137
4
Seems to be fixed in Chrome now.
– Omegastick
Mar 8 at 15:28
6
I don’t know why PayPal doesn’t self host this anyway. Especially since this is getting served over HTTPS.
– zero298
Mar 8 at 23:03
add a comment |
4
Seems to be fixed in Chrome now.
– Omegastick
Mar 8 at 15:28
6
I don’t know why PayPal doesn’t self host this anyway. Especially since this is getting served over HTTPS.
– zero298
Mar 8 at 23:03
4
4
Seems to be fixed in Chrome now.
– Omegastick
Mar 8 at 15:28
Seems to be fixed in Chrome now.
– Omegastick
Mar 8 at 15:28
6
6
I don’t know why PayPal doesn’t self host this anyway. Especially since this is getting served over HTTPS.
– zero298
Mar 8 at 23:03
I don’t know why PayPal doesn’t self host this anyway. Especially since this is getting served over HTTPS.
– zero298
Mar 8 at 23:03
add a comment |
2 Answers
2
active
oldest
votes
This is a typical false positive. Since Firefox is using Google safe browsing API, it will show similar warning as in Chrome browser. Since some antivirus also use the API, it will be warned by those antivirus as well.
Here is the Google safe browsing transparency report. Somebody needs to file an incorrect phishing warning to google to remove the incorrect warning.
For antivirus/security services, the false positive problem can be cascaded by Google safe browsing and each other's detection algorithm. If you put the URL into virustotal, you will see a possible detection compound problem, e.g. A see B,C,D services detect the URL, so it also assume the URL is bad.
edited Mar 8 at 14:46
yoozer8
1721211
answered Mar 8 at 10:05
mootmootmootmoot
2,069615
add a comment |
No, it's not dangerous at all. Your browser is warning you because a non-Paypal website has Paypal in its name. This is a common technique used by phishing sites that attempt to fool you into thinking the site is official. For example, a website might be called paypal.secure1234.com and made to look like the official site, enticing you to trust it and input your sensitive credentials. The browser has no way of knowing that the site you are visiting has Paypal in its name for completely benign reasons.
answered Mar 8 at 9:01
forestforest
38.4k18123137
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "162"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f205009%2fis-this-paypal-github-sdk-reference-really-a-dangerous-site%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
This is a typical false positive. Since Firefox is using Google safe browsing API, it will show similar warning as in Chrome browser. Since some antivirus also use the API, it will be warned by those antivirus as well.
Here is the Google safe browsing transparency report. Somebody needs to file an incorrect phishing warning to google to remove the incorrect warning.
For antivirus/security services, the false positive problem can be cascaded by Google safe browsing and each other's detection algorithm. If you put the URL into virustotal, you will see a possible detection compound problem, e.g. A see B,C,D services detect the URL, so it also assume the URL is bad.
edited Mar 8 at 14:46
yoozer8
1721211
answered Mar 8 at 10:05
mootmootmootmoot
2,069615
add a comment |
This is a typical false positive. Since Firefox is using Google safe browsing API, it will show similar warning as in Chrome browser. Since some antivirus also use the API, it will be warned by those antivirus as well.
Here is the Google safe browsing transparency report. Somebody needs to file an incorrect phishing warning to google to remove the incorrect warning.
For antivirus/security services, the false positive problem can be cascaded by Google safe browsing and each other's detection algorithm. If you put the URL into virustotal, you will see a possible detection compound problem, e.g. A see B,C,D services detect the URL, so it also assume the URL is bad.
edited Mar 8 at 14:46
yoozer8
1721211
answered Mar 8 at 10:05
mootmootmootmoot
2,069615
add a comment |
This is a typical false positive. Since Firefox is using Google safe browsing API, it will show similar warning as in Chrome browser. Since some antivirus also use the API, it will be warned by those antivirus as well.
Here is the Google safe browsing transparency report. Somebody needs to file an incorrect phishing warning to google to remove the incorrect warning.
For antivirus/security services, the false positive problem can be cascaded by Google safe browsing and each other's detection algorithm. If you put the URL into virustotal, you will see a possible detection compound problem, e.g. A see B,C,D services detect the URL, so it also assume the URL is bad.
edited Mar 8 at 14:46
yoozer8
1721211
answered Mar 8 at 10:05
mootmootmootmoot
2,069615
This is a typical false positive. Since Firefox is using Google safe browsing API, it will show similar warning as in Chrome browser. Since some antivirus also use the API, it will be warned by those antivirus as well.
Here is the Google safe browsing transparency report. Somebody needs to file an incorrect phishing warning to google to remove the incorrect warning.
For antivirus/security services, the false positive problem can be cascaded by Google safe browsing and each other's detection algorithm. If you put the URL into virustotal, you will see a possible detection compound problem, e.g. A see B,C,D services detect the URL, so it also assume the URL is bad.
edited Mar 8 at 14:46
yoozer8
1721211
answered Mar 8 at 10:05
mootmootmootmoot
2,069615
edited Mar 8 at 14:46
yoozer8
1721211
edited Mar 8 at 14:46
yoozer8
1721211
edited Mar 8 at 14:46
yoozer8
1721211
1721211
answered Mar 8 at 10:05
mootmootmootmoot
2,069615
answered Mar 8 at 10:05
mootmootmootmoot
2,069615
answered Mar 8 at 10:05
mootmootmootmoot
2,069615
2,069615
add a comment |
add a comment |
No, it's not dangerous at all. Your browser is warning you because a non-Paypal website has Paypal in its name. This is a common technique used by phishing sites that attempt to fool you into thinking the site is official. For example, a website might be called paypal.secure1234.com and made to look like the official site, enticing you to trust it and input your sensitive credentials. The browser has no way of knowing that the site you are visiting has Paypal in its name for completely benign reasons.
answered Mar 8 at 9:01
forestforest
38.4k18123137
add a comment |
No, it's not dangerous at all. Your browser is warning you because a non-Paypal website has Paypal in its name. This is a common technique used by phishing sites that attempt to fool you into thinking the site is official. For example, a website might be called paypal.secure1234.com and made to look like the official site, enticing you to trust it and input your sensitive credentials. The browser has no way of knowing that the site you are visiting has Paypal in its name for completely benign reasons.
answered Mar 8 at 9:01
forestforest
38.4k18123137
add a comment |
No, it's not dangerous at all. Your browser is warning you because a non-Paypal website has Paypal in its name. This is a common technique used by phishing sites that attempt to fool you into thinking the site is official. For example, a website might be called paypal.secure1234.com and made to look like the official site, enticing you to trust it and input your sensitive credentials. The browser has no way of knowing that the site you are visiting has Paypal in its name for completely benign reasons.
answered Mar 8 at 9:01
forestforest
38.4k18123137
No, it's not dangerous at all. Your browser is warning you because a non-Paypal website has Paypal in its name. This is a common technique used by phishing sites that attempt to fool you into thinking the site is official. For example, a website might be called paypal.secure1234.com and made to look like the official site, enticing you to trust it and input your sensitive credentials. The browser has no way of knowing that the site you are visiting has Paypal in its name for completely benign reasons.
answered Mar 8 at 9:01
forestforest
38.4k18123137
edited Mar 8 at 9:07
answered Mar 8 at 9:01
forestforest
38.4k18123137
answered Mar 8 at 9:01
forestforest
38.4k18123137
answered Mar 8 at 9:01
forestforest
38.4k18123137
38.4k18123137
add a comment |
add a comment |
Thanks for contributing an answer to Information Security Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f205009%2fis-this-paypal-github-sdk-reference-really-a-dangerous-site%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
4
Seems to be fixed in Chrome now.
– Omegastick
Mar 8 at 15:28
6
I don’t know why PayPal doesn’t self host this anyway. Especially since this is getting served over HTTPS.
– zero298
Mar 8 at 23:03