Note: The information and/or technique provided is
simply an example to illustrate how easy it is for anyone to access
your products without paying for them. I am not responsible if you use
or someone else uses the information with criminal intent.
When you use PayPal to sell digital products your typical PayPal source code will look like this:
< form action="https://www.paypal.com/cgi-bin/webscr"
method="post">
< input type="hidden" name="cmd" value="_xclick">
< input type="hidden" name="business"
value="youremail@yourdomain.com">
< input type="hidden" name="item_name" value="your product name">
< input type="hidden" name="item_number" value="001">
< input type="hidden" name="amount" value="29.95">
< input type="hidden" name="no_shipping" value="1">
< input type="hidden" name="return" value="http://www.yourdomain.com/download.html">
< input type="hidden" name="cancel_return" value="http://www.yourdomain.com">
I have bolded the section of the code that has your download link. This
gives the web address of the page the customer will be sent to by
PayPal once the payment has been accepted.
If you don't encrypt your source code it's very easy for anyone to steal your products at any time without your knowledge.
Here's the scenario:
- Mr/Ms. Cyber-Thief visits your web site and he/she is interested in your digital product(s).
- They decide to just take it without paying
- They simply view your html code searching for your PayPal source code
- They find your "return url" (bolded example above) in the code
- They just cut and paste the "return url" in their browser
- They've bypassed the payment process altogether... now they're at your download page taking whatever they want!
I can personally guarantee that if your PayPal source code is unsecure
people are stealing your products... the entire process takes less than
30 seconds and is virtually undetected!
There are several other ways that a cyber-thief can steal your digital
products but I will not disclose them here. The illustration above is
the most common and easiest method to exploit the PayPal security hole.
Now is the time to act and protect your products and profits!
You can choose to ignore the problem or you can take preventive steps to secure your profits!
If you like the idea of selling digital products on the Internet and
love the concept of being paid instantly you must protect your PayPal
source code.
The decision to want to protect your products and secure your profits should be a no-brainer!
Close this window to go back to the order page!
To Your Success,
Daniel B. Baker
|
|
