52

I'm working on integrating a payment system with paypal in C#, and I installed the official paypal nuget package. Then I went to the paypal github site.

And linked to this below site (SDK Reference).

At this point both Chrome and Firefox warned me about

Deceptive Site Ahead

Is this site really dangerous?

URL's are listed here so that people don't need to click on potentially dangerous links:

https://github.com/paypal/PayPal-NET-SDK
http://paypal.github.io/PayPal-NET-SDK/Samples/PaymentWithPayPal.aspx.html
user230910
  • 1,005
  • 1
  • 11
  • 12

2 Answers2

112

No, it's not dangerous at all. Your browser is warning you because a non-Paypal website has Paypal in its name. This is a common technique used by phishing sites that attempt to fool you into thinking the site is official. For example, a website might be called paypal.secure1234.com and made to look like the official site, enticing you to trust it and input your sensitive credentials. The browser has no way of knowing that the site you are visiting has Paypal in its name for completely benign reasons.

forest
  • 64,616
  • 20
  • 206
  • 257
57

This is a typical false positive. Since Firefox is using Google safe browsing API, it will show similar warning as in Chrome browser. Since some antivirus also use the API, it will be warned by those antivirus as well.

Here is the Google safe browsing transparency report. Somebody needs to file an incorrect phishing warning to google to remove the incorrect warning.

For antivirus/security services, the false positive problem can be cascaded by Google safe browsing and each other's detection algorithm. If you put the URL into virustotal, you will see a possible detection compound problem, e.g. A see B,C,D services detect the URL, so it also assume the URL is bad.

google safe browsing results as at Mar 8 2019

(Update : phishing web page example)

Because github.io allows user to stage their web content, do not assumed that anything hosting there is safe. Here is an phishing webpage spotted and have been removed by github.io. a phishing github webpage

mootmoot
  • 2,387
  • 10
  • 16