Friday, May 27, 2005

I've been phished

I just received an e-mail from PayPal, informing me that my account has been accessed and that I have three days to confirm my details or the account will be blocked. I went to the link:

and it certainly looked like PayPal's web page. All the menus worked, but then I noticed something odd. The link above is not but So I did a WHOIS and it came up blank - no known address!

So I next went to and it certainly looked the same. This time WHOIS came up with a legitimate owner - PayPal.

One more check confirmed the phish. I went to the rogue link (the one above) and clicked on a menu item. Sure enough the URL changed to Then, when I clicked back to the welcome page, it took me to the official home.

This is a very clever attempt at obtaining personal information in that it would be very easy to overlook the URL.

Oh, yes, one other reason I was suspicious. I DON'T HAVE A PAYPAL ACCOUNT!!!!