PricePal HTTPS Failing?

CacheHunter on 16/12/2016 - 17:03

Hi, I'm was wanting to make a purchase through Pricepal, but when I log in from work, I get a red cross over the padlock and https: crossed out in Chrome. When I try to log in using IE, IE shuts the site down claiming 'Windows Data Execution Prevention detected an add-on trying to use system memory incorrectly. This can be caused by a malfunction or a malicious add-on.' Are others experiencing the same errors? I was wanting to use Pricepal at Uniqlo because the cashback is 6.3% instead 5.6% with Cashrewards.

Is it possible that Pricepal has been compromised? If so, and we enter our passwords when we try to login, it would be easy enough for someone to change all of our bank account details to their own and collect our cashbacks over the Christmas period when we are doing more shopping and more likely to be distracted.

Am I right to be concerned? Or do I need to go and get my tinfoil hat relined?

Poll Options expired

  • 0
    No, this is normal, don't stress
  • 3
    Unusual, but I'm not getting the same errors
  • 0
    I'm also having trouble logging in securely
  • 1
    This is not good, take the lower cashback with Cashrewards and be safe
General Discussion

Related Stores

PricePal
PricePal
Marketplace

Comments

  • scotty on 16/12/2016 - 17:20
    +2

    PricePal's SSL site works fine for me. Looking at it's certificate:

    • Signed by GoDaddy with SHA256
    • Valid until 3/11/2017

    When you click on the crossed HTTPS on Chrome, click on "Details" and then View certificate — what's the warning message?

  • trustnoone on 16/12/2016 - 17:58
    +1

    You say from work? Does it happen at home or anywhere else? I'm wondering if work network is doing something with the data? Like you are no longer secure due to work network (or maybe work addon?).

  • CacheHunter on 16/12/2016 - 21:18
    +1

    Thanks scotty and trustnoone. It looks like its the work network. No problems from home.
    Its weird because I've never had it happen when accessing any other https web site. Anyway, if the work network is somehow blocking a secure connection, it has me wondering why. I'll have to chat to the work admins next week.

    Thanks again for your prompt reassurance that all's ok.

  • retiredfeline on 16/12/2016 - 21:26

    I have noticed issues with https from assorted networks. For example ozbargain can't be accessed from Woolies free WiFi. WhatsApp messages don't go through either.

    I don't think these networks are doing MITM attacks, but rather they check the SSL cert of the site on the side. However due to the network proxy not being up to date with all the cert authorities, some certs are deemed invalid and the connection is denied.

    • scotty on 16/12/2016 - 22:43

      don't think these networks are doing MITM attacks

      Imagine network operator at work doing a malicious MITM converting all your PricePal & Cashrewards tokens with his so the cashback from all the purchases in the office goes to his account…

Login or Join to leave a comment
Login Join