Very good PayPal phishing email

A certain phishing email from ‘PayPal’ caught our attention. When investigating the phishing email we could find that this is a very professional one. The email in fact confirms your payment to a company, in this case Plimus, for an amout of$55,89 USD. The email provides a link to dispute the transaction and this is where the phishing starts.

Following the link to report a dispute results in being directed to http://**-***-**-***.fld-bsr1.chi-fld.il.******.cable.rcn.com:90/www.paypal.com/cgi-bin/ and it brings you to the “PayPal login screen”.

Typical to phishing sites is that you can type in whatever you want as login or password, you will always be directed to a webform.

These guys have even included the animated screen ‘Logging in’ that you have when logging in to the real PayPal web site. After this screen you get a full webform which will try to get your full details.