" Dear PayPal valued member, Due to concerns, for the safety and integrity of the PayPal community we have issued this warning message. "...

This spoofed Paypal email contains a link which has been disguised using HTML code, and will open two browser windows...

In the first window, the genuine Paypal.com page will open and in the second, the bogus or forged Paypal page will be opened, but with the browser address, tool and status bars removed thereby giving it the appearance of a pop-up window generated by the genuine paypal.com page. This is not the case though, the bogus page has a URL which is entirely different to Paypal's - http://67.15.24.39/~kinelors.net/verify.html which resolves to servers owned by Everyone's Internet in the USA.

This method of delivering forged web conent in these phishing scams has been on the increase over the last month, with many other examples targeting eBay users as well. You can see the URL of such pop-up style windows by selecting the page properties from the file menu.

At all times, users should only enter websites like Paypal or eBay by manually entering the URL directly into their browser address bars. Please also follow all recommendations in our Brief Guide to Phishing to avoid becoming a victim. Awareness is also a key issue, the more that know about these scams the fewer the number of victims there will be. Please help to build awareness and let your friends, family and colleagues know about our services here. You may also use our free Scam Alert RSS News Feed on your own web site to warn your visitors of these scams.

If you have received this email, please remember that it is very common for these email scams to be redistributed at a later date with only slightly different content or the same but with the fake page(s) hosted by a different provider. Also, once you have received one of these hoaxes, it is also common place to receive at least another one and usually a day or two after the first, although not necessarily from the same apparent sender.

The Spoof Email ...

The bogus web page ...