Notice of a password change may see unwitting recipients of this spoofed eBay email, rushing to enter their Paypal log in details into a bogus form...

This spoof eBay email (see image below) is in HTML format (although it does look like a text only email in order add a sense of authenticity to the link text). The link in the email has been disguised using HTML code to look like a genuine link to Paypal and but it has been coded to open a forged Paypal web form (see image below).

The bogus form is located at http://66.193.175.244/~dom2com/ which resolves to a Time Warner Telecom user's web space. Any information submitted into the bogus form is forwarded to the scammers via a PHP script located at the same address.

If you have received this email, please remember that it is very common for these email scams to be redistributed at a later date with only slightly different content or the same but with the fake page(s) hosted by a different provider. Also, once you have received one of these hoaxes, it is also common place to receive at least another one and usually a day or two after the first, although not necessarily from the same apparent sender.

The Spoof Email ...

Important Notice:

The password of your PayPal account was successfully changed on March 24, 2004.

If you did not authorize this change, please contact the PayPal Team using the link below:

https://www.paypal.com/us/wf/f=ap_default

This request was made by:

IP address: 199.35.100.119
ISP Host: dsc06-cld-oh-199-35-100-119.rasserver.net

Thank You for using PayPal!

--------------------------------------------------------------------------------

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the footer of any page.

The Bogus Web Content...