Another Spoof Email and Phishing Scam report by MillerSmiles.co.uk

PayPal Security Account Verification
5th April 2004

Please forward any scams you've received to spoof@millersmiles.co.uk

 

Report Summary

Date Reported: 5th April 2004
Apparent Sender: Paypal
Return Address: service@paypal.com
Subject: PayPal Security Account Verification
Format: HTML designed to look like text only
Method: disguised link leads to bogus web content
Bogus Web Content?: Yes
URL of web content: spoofed URL = http://www.paypal.com; True URL = http://211.23.183.212/.,/l
RISK LEVEL: Medium
WARNINGS

1. Exploits URL Spoofing (canonicalisation) in Internet Explorer browsers - run Windows Update to ensure your browser is patched.

 

" Dear PayPal user, We recently reviewed your account ,and suspect that your PayPal account may have been accessed by an unauthorized third party."...

 

Another instance of a spoofed email with a link coded to exploit the URL Spoofing (canonicalisation) vulnerability that exists in unpatched versions of Internet Explorer browsers. Microsoft issued a patch at the beginning of February 2004. Use the 'Browser URL Spoofing Vulnerability Check' link on the right of the page to check your browser.

If your browser is vulnerable to this exploit, you will see http://www.paypal.com displayed in the address bar, but the true URL of the bogus page is http://211.23.183.212/.,/l, which resolves to Chunghwa Telecom Co., Ltd in Taiwan (clearly nothing to do with Paypal.com).

Any information submitted is processed through a script located on the same server as the bogus content.

If you have received this email, please remember that it is very common for these email scams to be redistributed at a later date with only slightly different content, or with the same content but with the fake page(s) hosted by a different provider. Also, once you have received one of these hoaxes, it is commonplace to receive at least another one, usually a day or two after the first, although not necessarily from the same apparent sender.

 

The Spoof Email ...

Dear PayPal user,

We recently reviewed your account ,and suspect that your PayPal account may have been accessed by an unauthorized third party.Protecting the security of your account and of the PayPal network is out primary concern.Therefore ,as a preventative measure ,we have temporarily limited access to sensitive PayPal account features.

To restore your account access ,please take the following steps to ensure that your account has not been compromised:

1. Confirm your identity by completing the account verification process.

2. Click the "Submit" button at the bottom of the page.You will be taken to the Data Security and Encryption page.

3. Login to your PayPal account and review your recent account history for any unauthorized payments sent or received ,and check your account profile to make sure not changes have been made.If any unauthorized activity has taken place on your account report this to PayPal immediately.

To get started ,please click the link below.

https://www.paypal.com/cgi-bin/webscr?account-registration

We apologize for any inconvenience this may cause ,and appreciate your assistance in helping us maintain the integrity of the entire PayPal system.Thank you for your promt attention to this matter.

Sincerely ,

Thank you for using PayPal!
The PayPal Team

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the"Help" link in the header of any page.

PayPal Email ID PP315

 

The bogus web page ...

PayPal Security Account Verification forged web page.

 

Resources links - use one of the links below to access more information on Spoof Email & Phishing Scams.

Library of Spoof Email Phishing Scams

Brief guide to Phishing

Full article on spoof email scams

Spoof URL Checker

Link Checker

Browser URL Spoofing Vulnerability Check

Latest browser bug aids Phishing Scams - beware!
