I received a notification from PayPal that @weavium (Weavium) issued me a $5 credit if spent at Weavium.com, yet when I went to Weavium.com, the site is no longer a secure site.
Just feels odd. I made a similar post on @weavium’s Black Friday post, but the more I think about this the more alarm bells ring. Maybe this started with a @cartloom hack so @yabdab should review as well?
This $5 credit thing seems like something that should have been part of the Black Friday sale, and now feels like a lure.
I recieved a similar paypal offer from a different vendor, if you purchase the item by a certain date you will get an additional $5 discount. Looks like another way to entice you to buy.
True, why post 2 similar replies on the board re: the site being hacked? Why not create a thread asking if any one has received a PayPal promotion instead of scaring possible customers?
I don’t know why you think the links you’re giving in both posts about this is insecure?
They redirect to https.
And you really need not post twice about the same thing.
If you got something from PayPal then I would think your questions are for PayPal. If you used them to pay with they know who you made purchases from. Perhaps it a PayPal promotion.
BTW, cartloom and Weavem I doubt keep any of your payment information PayPal or other payment gateways are the only ones that get access to that.
@weavium processes sales through Cartloom, and the transaction begins with collecting an email address.
I purchase @weavium software titles through PayPal via Cartloom transactions. When I went to Weavium.com via my phone, it shows the site as not secure.
The common denominator connecting all these events is my email address–that was first collected by Cartloom.
Maybe this isn’t a problem. I don’t know.
Maybe it is a problem. I don’t know that either, that’s why I posted here because the RapidWeaver Forum is where I get answers, though not always.
For everyone reading this thread now and in the future, let me assure you that this has nothing to do with Cartloom. It is not even possible for Cartloom.com to effect the SSL certificate of another site. Web hosting and SSL certificates do not work this way. It’s just not possible.
I am still baffled as to why Cartloom was pulled into this thread.
If a site comes-up with a browsers “Not Secure” warning doesn’t mean the site has been hacked. It just means the URL isn’t using SSL or isn’t’ forcing an https connection.
I was unable to get a non-secure connection to the link provided above. But even if I could it has nothing to do with being hacked!!!
Not sure why you would think one thing leads to another in this case.
Could you have gotten a scam email? Happens all the time. You said it was from PayPal. Did you ask PayPal? Did you ask them was Paypal.com Hacked?
weavium.com does not redirect http to https - probably an over-site.
So if you get there from a link http://weavium.com it will come up as insecure. If you get there from a link https://weavium.com it will show as secure.
As pointed out, this has nothing to do with Cartloom and in no way indicated Weavium has been ‘hacked’ although they should fix this issue.
I’m seeing a similar situation with a site which I was just about to provide with some information about a personal matter, this site also tries to collect personal information like email addresses and invites you to upload images or documents - but at the last moment realised that the site isn’t secure at all. Maybe thats been hacked too?
So if every site that doesn’t use SSL somehow indicates it has been hacked and you should stay away from them, that means that sites that use SSL haven’t been hacked?
Better forget about using stacks anymore as the YourHead site must have been hacked.
The reality is that most of the positively bad sites use SSL, the ones that want your private information. After all, it’s free now and the last thing they want is a warning telling you that the site is not secure.
The only thing that is “Not Secure” when you get that warning is the connection from the host to the client. It has nothing to do with the security of the company or individual that owns the site.
No need to worry. Weavium has not been hacked. Paypal suggested a way to recover lost sales and out of curiosity I clicked on the button. I believe for some reason the url on paypal was set to http instead of https, which has since been updated.
Sorry for any confusion that may have been caused.
I believe for some reason the url on paypal was set to http instead of https, which has since been updated.