Those little PayPal phishers are alive and well, and it appears they are prowling around the webmaster arena.

Yesterday I received an email from “PayPal” to an email address I use for one of my directories – the premium link option. Now the *funniest* thing is, it is a brand spanking new email address I just created yesterday and added to my PayPal account. I gave that email address out *1 time* earlier in the day to an enquiry about adding a premium link.

Now I’m getting phished on it.

Although the format and spelling used should be enough to twig you that the email is a farce, I did copy the email source to a pdf file. Take a look at it and pay attention to the link they use to get you to login. When the email was in .html format, the anchor text looked legit as the PayPal login, but look at the source code. A quick glance and it seems like it’s a PayPal domain. But nope, it’s a domain going to login-user5467. info. That domain was just registered yesterday, go figure. I wouldn’t even try loading the site – who knows if or how many viruses they have jacked into it.

PayPal Phishing Example

It can be a rough, skanky world out there. And seems the phishers are working their way around directory submission sites atm.

I’ve forwarded the email, headers and all to PayPal. They do claim to investigate every spoof submitted to them. Their advice and information is found on this page:

Protect Yourself from Fraudulent Emails

ETA: In case I wasn’t clear – I did not fall for the spoof and the phisher never obtained my PayPal login.