Smashing Security podcast #088: PayPal’s Venmo app even makes your drug purchases public

Industry veterans, chatting about computer security and online privacy.

Smashing Security #088: PayPal’s Venmo app even makes your drug purchases public

Not one of Google’s 85,000 employees has had their accounts compromised by phishing in a year.  How have they done it? Find out in this podcast.

Also, we discuss with special guest Scott Helme how websites still using HTTP are now marked as “not secure” by Google Chrome (and a way in which you can make it even more obvious), and if you’re buying drugs via PayPal’s Venmo app you should say goodbye to privacy.

All this and much much more is discussed in the latest edition of the award-winning “Smashing Security” podcast hosted by cybersecurity veterans Graham Cluley and Carole Theriault.

Smashing Security #088: 'PayPal’s Venmo app even makes your drug purchases public'

Listen on Apple Podcasts | Spotify | Pocket Casts | Other... | RSS
More episodes...


Graham Cluley – @gcluley
Carole Theriault – @caroletheriault


Scott Helme – @Scott_Helme

Show notes:

Sponsor: LastPass

LastPass Enterprise makes password security effortless for your organization.

LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps.

But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users.

Go to to see why LastPass is the trusted enterprise password manager of over 33 thousand businesses

Follow the show:

Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.

Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!

Warning: This podcast may contain nuts, adult themes, and rude language.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

4 comments on “Smashing Security podcast #088: PayPal’s Venmo app even makes your drug purchases public”

  1. Stephane

    You might be all excited by this HTTPS thing but for ordinary people who did their own websites with limited knowledge, it's really annoying. They must rely on free limited service like Cloudflare or pay extra cash, yearly to have this service. For example, with Global Sign, it would cost me £70 per year. There is no easy option for "ordinary people"…

    1. Graham CluleyGraham Cluley · in reply to Stephane

      Someone's ripping you off Stephane if you're having to pay £70 for HTTPS. Maybe it's worth you looking at an option like Cloudflare, or (if you're a bit more geeky) Lets Encrypt.

      1. Stephane · in reply to Graham Cluley

        Yes, I actually decided to use Cloudflare as I'm not geeky at all but now I always fear that if there is a problem with Cloudflare's servers that my website won't be accessible…

        1. Graham CluleyGraham Cluley · in reply to Stephane

          I wouldn't worry too much. If Cloudflare has a problem then tens of millions of other websites will suffer the same glitch as you.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.