Serious Paypal security issue!

Discussion in 'PayPal' started by Edz, Jun 16, 2006.

  1. #1
    Check out the story.
    Be aware!
     
    Edz, Jun 16, 2006 IP
  2. [ DigitaL ]

    [ DigitaL ] Member

    #2
    Can you post the story here?

    I can't find it!
     
    [ DigitaL ], Jun 16, 2006 IP
  3. Cheap SEO Services

    Cheap SEO Services <------DoFollow Backlinks

    #3
    Edz,

    Use copy and paste man. The link is not working.
     
    Cheap SEO Services, Jun 16, 2006 IP
  4. ozegreatdeals

    ozegreatdeals Peon

    #4
    Hi,
    I copied and pasted it here. Pictures not included in copy and paste :)

    "PayPal Security Flaw allows Identity Theft

    A security flaw in the PayPal web site is being actively exploited by fraudsters to steal credit card numbers and other personal information belonging to PayPal users. The issue was reported to Netcraft today via our anti-phishing toolbar.

    The scam works quite convincingly, by tricking users into accessing a URL hosted on the genuine PayPal web site. The URL uses SSL to encrypt information transmitted to and from the site, and a valid 256-bit SSL certificate is presented to confirm that the site does indeed belong to PayPal; however, some of the content on the page has been modified by the fraudsters via a cross-site scripting technique (XSS).

    [Image paypal-ssl.png: The genuine PayPal SSL certificate used by the scam]

    When the victim visits the page, they are presented with a message that has been 'injected' onto the genuine PayPal site that says, "Your account is currently disabled because we think it has been accessed by a third party. You will now be redirected to Resolution Center." After a short pause, the victim is then redirected to an external server, which presents a fake PayPal Member log-In page. At this crucial point, the victim may be off guard, as the paypal.com domain name and SSL certificate he saw previously are likely to make him realise he has visited the genuine PayPal web site – and why would he expect PayPal to redirect him to a fraudulent web site?

    [Image paypal-scam.png: Fraudsters manipulating content on genuine PayPal site]

    If the victim logs in via the fake login page, their PayPal username and password are transmitted to the fraudsters, and they are subsequently presented with another page which requests them to enter further details to remove limits on the access of their account. Information requested includes social security number, credit card number, expiration date, card verification number and ATM PIN.

    The server currently running the scam is hosted in Korea and is accessed via a hex-encoded IP address. The Netcraft Toolbar already protects PayPal users by blocking access to this site.

    Netcraft's Web Application Security Testing service can identify similar cross-site scripting flaws on your organization's web servers. Please contact us for further information.
    Posted by Paul Mutton at 08:58 AM UTC on Jun 16, 2006 in Security"
     
    ozegreatdeals, Jun 16, 2006 IP
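The quoted article notes that the fraud server was reached through a hex-encoded IP address after a redirect away from the genuine paypal.com page. As an added example (not from the Netcraft article or anyone in this thread), the Python helper below normalises the numeric host forms browsers accept (hex, octal, decimal, mixed dotted) to dotted-quad so a blocklist or proxy-log search can match them, and flags redirects that leave the expected domain; the 203.0.113.10 address and the URLs are constructed samples, not the real scam host.

```python
import ipaddress
import re
from typing import Optional
from urllib.parse import urlsplit

# Integer host forms a browser will still accept: hex (0x..), octal (0..),
# plain decimal, and mixed dotted forms such as 0313.0.0x71.012.
_PART = re.compile(r"^(0x[0-9a-f]+|0[0-7]*|[1-9][0-9]*)$", re.IGNORECASE)

def _part_to_int(part: str) -> int:
    if part.lower().startswith("0x"):
        return int(part, 16)
    if len(part) > 1 and part.startswith("0"):
        return int(part, 8)
    return int(part, 10)

def normalise_host(host: str) -> Optional[str]:
    """Dotted-quad form of a numeric host, or None for a plain/invalid host."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4 or not all(_PART.match(p) for p in parts):
        return None
    nums = [_part_to_int(p) for p in parts]
    # inet_aton rules: leading components are one byte each, the last
    # component fills whatever bytes remain.
    value = 0
    for n in nums[:-1]:
        if n > 255:
            return None
        value = (value << 8) | n
    value = (value << (8 * (5 - len(nums)))) | nums[-1]
    if value >= 2 ** 32:
        return None
    return str(ipaddress.IPv4Address(value))

def classify_redirect(expected_domain: str, target_url: str) -> dict:
    """Flag a redirect leaving expected_domain and expose any encoded IP host."""
    host = (urlsplit(target_url).hostname or "").lower()
    resolved = normalise_host(host)
    on_site = host == expected_domain or host.endswith("." + expected_domain)
    return {"host": host, "resolved_ip": resolved, "off_site": not on_site,
            "obfuscated": resolved is not None and resolved != host}

if __name__ == "__main__":
    # Constructed sample of the flow described above: a genuine paypal.com
    # page followed by a redirect to a hex-encoded IP on a third-party host.
    print(classify_redirect("paypal.com", "https://www.paypal.com/cgi-bin/webscr"))
    print(classify_redirect("paypal.com", "http://0xCB00710A/pp/login.php"))
```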
  5. Edz

    Edz Peon

    #5
    Strange? Works fine for me. Maybe it was down temporarily.
     
    Edz, Jun 16, 2006 IP
  6. tonyinabox

    tonyinabox Peon

    #6
    I don't quite understand the story... It seems too difficult English, too technical, or too late here. hehe

    But it is quite a serious story. I know many people who do not have good computer and internet skills who got the fake PayPal email and entered their information on the fraud page many times.
     
    tonyinabox, Jun 16, 2006 IP
  7. Nintendo

    Nintendo ♬ King of da Wackos ♬

    #7
    For those of you in Rio Linda...always ignore 'E-Mail from Paypal'.
     
    Nintendo, Jun 16, 2006 IP
  8. [ DigitaL ]

    [ DigitaL ] Member

    #8
    I get PayPal scams in my inbox every day even though I don't have a PayPal account. :D
     
    [ DigitaL ], Jun 16, 2006 IP
  9. tonyinabox

    tonyinabox Peon

    #9
    that's perfect. LOL
     
    tonyinabox, Jun 16, 2006 IP
  10. SFOD_D223

    SFOD_D223 Peon

    #10
    Yeah, all of you "Rio-Lindans" out there, heed the warning to not click on "email from PayPal"... nuff said.
     
    SFOD_D223, Jun 16, 2006 IP
  11. Jim4767

    Jim4767 Prominent Member

    #11
    How true. Got another one today. They are phishing scams.
     
    Jim4767, Jun 16, 2006 IP
  12. utahpigeons

    utahpigeons Peon

    #12
    Great post! Thanks for the info
    :D

    - Ryan
     
    utahpigeons, Jun 17, 2006 IP
  13. tonyinabox

    tonyinabox Peon

    #13
    Just read the news; they said they fixed it last Friday.
     
    tonyinabox, Jun 17, 2006 IP
  14. aeiouy

    aeiouy Peon

    #14
    I still want to know how someone was actually able to hijack access to the actual PayPal site, or at least access that looked like it was going to the actual PayPal site.
     
    aeiouy, Jun 22, 2006 IP