Usability - Productivity - Business - The web - Singapore & Twins

Paypal Phish, getting damn good

This just arrived in my inbox:

It is an image with an hyperlink on the dispute transaction text to an Estonian host. It pretty much looks like a pixel perfect duplication of paypal. For a layman user difficult to spot (unless you do the magazines with the "spot-the-7-differences" a lot):
  • - Paypal sends text, not an image
  • - the hotspot is slightly off
  • - It has been send to me via BCC

May them grow pimples on their butt, so they can't sit painfree!

Posted by on 03 May 2006 | Comments (1) | categories: Gone Phisching


  1. posted by Per Henrik Lausten on Wednesday 03 May 2006 AD:
    Also worh remembering: Paypal always uses "Dear <name>" and not "Dear Paypal Member".

    Source: https://www.paypal.com/row/cgi-bin/webscr?cmd=p/gen/email-security