Ecommerce software home
Shopping Cart Software Forum for Ecommerce Templates
 
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
 Password:
Save Password
Forgot your Password?

Find us on Facebook Follow us on Twitter View our YouTube channel
Search our site
Forum Search
Google Site Search
Buy now for ...
How it works
General help
 All Forums
 General
 Off topic, News and Updates
 PayPal PCI Compliance Email Re: VikingCloud
Author    Topic »  

pauld
Advanced Member

USA
490 Posts

Posted - 01/10/2025 :  15:12:22  
For months we've been getting emails from an unknown vendor called VikingCloud with the domain securetrust.com, having subject lines like "Your PCI compliance status requires attention".

We assumed that these were one of the many junk emails we get from "partners" of services we've used like Google, Amazon, and Dunn and Bradstreet. These emails always seem to evoke the name of the bigger company to try and sell useless add-on services.

However this week we received an email from paypal@paypal.com with the subject "PayPal PCI Compliance – Review Important Updates" that seems to demand we create an account with VikingCloud to evaluate our PCI compliance.

We certainly do not want to engage with VikingCloud if possible.

And, I'd understood that the newest ECT-PayPal integration isn't subject to this sort of PCI audit since our systems never retain payment card numbers.

However the PayPal email has this vague warning:

"As a business accepting credit cards online who touches, stores, or transmits card details, you are required to meet specific payment card security standards to ensure your business has the right controls in place to reduce your risk of a cyber incident. "

Can anyone shed light on this?

Thanks in advance for your help with this.

Edited by - pauld on 01/10/2025 15:25:39

dbdave
ECT Moderator

USA
10448 Posts
Posted - 01/10/2025 :  17:26:58  
Not that I trust reddit as a reliable source, but some of the consensus here is it's a scam or ignore it.
I would call Paypal direct and ask them.
https://www.reddit.com/r/paypal/comments/1eht2po/is_the_vikingcloudpaypal_annual_pci_certification/?rdt=62035

David
Edited by - dbdave on 01/10/2025 17:27:30

pauld
Advanced Member

USA
490 Posts
Posted - 01/11/2025 :  06:56:10  
Dave, thanks for this.

I found a PayPal Community thread on this subject too: https://www.paypal-community.com/t5/Security-and-Fraud/Emails-from-Securetrust-which-claims-to-be-a-Paypal-company/m-p/3190636.

Like the Reddit posts, merchants in that PayPal Community thread are suspicious of the 'VikingCloud' emails and doubt there's any action required, but nobody is sure.

Over the years we've seen some jarring 'action required' emails from PayPal - for example the required TLS and SHA-256 security changes of 6/2016. Those always stated specific technical details and explicit deadlines for action.

The fact that those 'VikingCloud' emails have vague requirements with no explicit deadline makes them seem very suspect.

- Can anyone suggest some other way to confirm that this is marketing Spam - as opposed to a looming threat that could shut us down?

Again, this is much appreciated.
Edited by - pauld on 01/12/2025 04:27:03
     Topic »  
Jump To:
Shopping Cart Software Forum for Ecommerce Templates © 2002-2022 ecommercetemplates.com
This page was generated in 0.02 seconds. Snitz Forums 2000