I was very nearly Phished today. I received this email: I searched for the link they wanted me to click, and it turns out it is a scam, I don't know how they are using the PayPal domain name, but they are very clever, so watch out if you receive an email like this!
The basic rule of receiving any email from a financial type site (paypal, online banking etc...) is to NEVER click the link. Just log in the normal way at https://www.paypal.com/. If there are any problems then instructions will be given when you login.
That is obviously a scam. The "you give us no choice but to suspend your account temporary" gives it away. As for the link, if it's a HTML email it's easy to use the real address as the anchor text while sending you off somewhere dodgy. ie. <a href="www.somescamsitemongrel.com">https://www.paypal.com/us/cgi-bin/webscr?cmd=_login-run</a> Code (markup):
when i point ot it, it show me the real address in lower explorer bar. or maybe it's because he didnt' copied it directly from email though. ^^
Report this to paypal these guys will get time in jail for fraud as long as there not in china or somewhere!
I always click on them. Then I do a few checks, if its a phishing site (almost always easy to tell), then I report it. Firefox provides a great method to report, click on Help - Report Web Forgery. All future visitors using Firefox will be told that this page has been reported as a web forgery.
ALWAYS make sure the your on the correct website. You may have been redirected to a scam site looking exactly like the main one and have minor differences (example: www.paypai.com or something that looks like it). I know it seems pretty obvious, but heaps of people forget to do it.
An easy thing is to watch the redirects via the status bar. Usually the links on the pages will be real, except for the one going to their bad url. If in doubt, contact the "bank" directly. If you do make the mistake of filling in valuable information, then you'll have to work fast to cancel credit cards, change passwords, fix and monitor your credit, and a huge amount of other things. Be careful!!!
The easy way is to just delete any email from a financial organisation. They are generally all full of rubbish anyway. If they need to tell you something they will call or tell you when you log in the real way (by typing in their domain manually).
Well he's only copied the email text and vBulletin has interpretted that as a link. The real address is hidden in the HTML which is lost when doing a copy & paste.