Disclaimer: We may earn a commission if you make any purchase by clicking our links. Please see our detailed guide here.

Follow us on:

Google News

PayPal And Android Email Apps Affected by Spoofing Vulnerability

Bipasha Mandal
Bipasha Mandal
Bipasha Mondal is writer at TechGenyz

Join the Opinion Leaders Network

Join the Techgenyz Opinion Leaders Network today and become part of a vibrant community of change-makers. Together, we can create a brighter future by shaping opinions, driving conversations, and transforming ideas into reality.

A couple of months back, Eli Grey found a Google Inbox spoofing bug that would allow people to send mail to links that would spoof the recipient of the email. It could be used to send emails to a different address than shown on the recipient box. But the senders of the emails cannot, in any way, see the real recipient.

Eli Grey has found out a new vulnerability of the same kind but this time it involves spoofing and the PayPal mobile app. This vulnerability allows the users to click a link that will open the Android default app selector, the user then can select PayPal and this will bring up options for paying the user from the email. While using PayPal to pay a certain amount of money, it will show the user the email address which will receive the money.

But instead, here PayPal will show the user the fake email id instead of the scammer email. If someone receives an email link to donations@unicef.org, the money would not be sent to Unicef but rather the money will be sent to scammer@spoofing.net.

This obviously is very problematic, and Eli Grey brought the vulnerability to PayPal’s notice. But PayPal claimed that it was not a bug but a social engineering scam. This means that PayPal would not fix the problem and offer a solution. However, the bug affects other apps and operating systems such as macOS on the default mailing app. It also affects many Android email apps like Outlook and the default Samsung Email app, Inbox by Google and Gmail. This problem was fixed on Inbox by Google in May. It can only be hoped now that PayPal and other important companies with affected apps will fix this issue.


Partner With Us

Digital advertising offers a way for your business to reach out and make much-needed connections with your audience in a meaningful way. Advertising on Techgenyz will help you build brand awareness, increase website traffic, generate qualified leads, and grow your business.

Power Your Business

Solutions you need to super charge your business and drive growth

More from this topic