Epl.paypal-communication - Is this domain safe?

349    Asked by Aalapprabhakaran in Cyber Security , Asked on Apr 8, 2022

 I have just received a message asking to consent to PayPal policy updates from the domain: https://epl.paypal-communication.com

The actual link is full of trackers. Given the domain name, it sounds like a routinely email spoof. Also, visiting the domain, you are welcomed by a "503 Service Unavailable" message.


After some investigations, including whois, the weird domain seems really linked to PayPal.com. That being the case: Why should a company (and in particular a company dealing with payments) send messages from another domain?


Why add countless trackers if you can already recognise users from login?


Should the practice of sending messages from somecompany.com using anothercompany.com become established, it will be virtually impossible for users to tell if a website is legit or a scam.

Answered by Aalap prabhakaran 
Those who have received said email that has a hyperlink "epl.paypal-communication.com/xxxxxx" have any of you ever clicked on the link and allowed it pass your AV/browser extensions blocks?



After analysing the email header, I also have deemed that these emails are being sent through some sort of "affiliate" of PayPal.

Allowing the link to progress does resolve to a legitimate page at PayPal.com, it does not take you to a spam/phishing website.

I am attaching an analysis from said header of the email thats has the embedded link that contains the domain epl.paypal-communications.com

https://mxtoolbox.com/Public/Tools/EmailHeaders.aspx?huid=ef39fbf8-320c-4817-94b4-ca92caea1610

That PayPal seem to not want to assist those of us who have contacted them regards this and that we have shown we have all the tools that show us that there does seem to be some affiliation between PayPal and this domain, that the responses from support totally disregard this volume of information, I for one deem that something fishy is going on with PayPal and how they do not want to share this affiliation they have with said domain.

Am unsure (I only became a member after becoming frustrated with not finding a definitive answer to this issue) if I can attach the link from the email, but here it is below.

https://epl.paypal-communication.com/T/v40000017178e33c1f8f07c66e96c660f0/d75240de57f64a790000021ef3a0bcc4/d75240de-57f6-4a79-bbc5-dba60daba60e?dU=v0G4RBKTXg2GtDSXU69hUjn5RqR7EEyYkx https://epl.paypal-communication.com/T/v40000017178e33c1f8f07c66e96c660f0/d75240de57f64a790000021ef3a0bcc5/d75240de-57f6-4a79-bbc5-dba60daba60e?dU=v0G4RBKTXg2GtDSXU69hUjn5RqR7EEyYkx

The first link will resolve to

https://www.paypal.com/cy/webapps/mpp/ua/upcoming-policies-full?utm_source=epsilon&utm_campaign=A_EP_EMEA_37204_B2C_B2B_Q1_2020_UA_Email_EMEA_REU_Rest_cy_en_US&utm_medium=email

And the second link will resolve to

https://www.paypal.com/cy/smarthelp/home?utm_source=epsilon&utm_campaign=A_EP_EMEA_37204_B2C_B2B_Q1_2020_UA_Email_EMEA_REU_Rest_cy_en_US&utm_medium=email

As others have posted, they seem to be 3rd party affiliates of PayPal.

That PayPal is in denial about this, well we are free to draw our own conclusions.

Your Answer

Online Course

Tutorials

Salesforce Tutorial

Software Testing Tutorial

SQL Tutorial

Business Analyst Tutorial

Devops Tutorial

Data Science Tutorial

AWS Tutorial

Hadoop Tutorial

SSRS Tutorial

AWS S3 Tutorial

Functional Testing Tutorial

SSAS Tutorial

Automation Testing Tutorial

Manual Testing Tutorial

Selenium Tutorial

Kubernetes Tutorial

Scala Tutorial

ETL Testing Tutorial

Python Tutorial

Pyspark Tutorial

R Tutorial

Unit Testing Tutorial

API Testing Tutorial

Puppet Tutorial

Integration Testing Tutorial

Chef Tutorial

Jenkins Tutorial

Ansible Tutorial

Vagrant Tutorial

Docker Tutorial

Interviews

Parent Categories

Copyright | JanBaskTraining.com