Great! Somehow someone on ebay got my email address and I kept getting 5-6 'you need to log in to keep your paypal account current' emails. They look so good that it is no wonder these sites can do so well.
Bearing in mind that the vast majority of phishing sites visually resemble a well-known corporate entity, I've often wondered why more hasn't been done in the past to block this automatically. How hard is it for a browser to decide if a given page looks like paypal but isn't at paypal.XXX?
Ebay just recently closed a hole that was really making some phishing sites look good. There was a CGI script on ebay.com that worked as a redirect method; you could hit that URL that was a http://www.ebay.com/cgi-bin/some_method
Then though it was passing the URL of the phish site and Ebay would redirect you to the phish site. It was pretty smart because you got an email with links in it, and if you moused over the links you would see ebay.com in the URL and you would think it was really going there, and it would just hit the redirect CGI and send you off ebay and to the bad guys. I was keeping my eye on that method; Ebay has made it smarter now.
[edited by: encyclo at 5:09 pm (utc) on Mar. 13, 2006] [edit reason] delinked [/edit]
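The redirect script described in the post above forwards visitors to whatever URL it is handed. As an added example (not part of the thread and not eBay's code), this is one way a redirect endpoint can validate its target before forwarding; the allow-list contents, the function names and the `phish.example` test URLs are assumptions made for the illustration.

```python
from urllib.parse import urlsplit

# Hypothetical allow-list for this example; a real site would list its own hosts.
ALLOWED_HOSTS = {"www.ebay.com"}


def is_safe_redirect(target, allowed_hosts=ALLOWED_HOSTS):
    """Return True only if `target` keeps the visitor on an allow-listed host."""
    if not target or target != target.strip():
        return False
    # Control characters and backslashes are interpreted differently by
    # browsers and by URL parsers, so refuse them outright.
    if any(ord(c) < 0x20 or c == "\\" for c in target):
        return False
    try:
        parts = urlsplit(target)
    except ValueError:
        return False
    if not parts.scheme and not parts.netloc:
        # Relative URL: accept a same-site path, but not "//host/..." forms,
        # which browsers treat as a different host.
        return target.startswith("/") and not target.startswith("//")
    if parts.scheme not in ("http", "https"):
        return False
    if parts.username is not None or parts.password is not None:
        # Rejects http://www.ebay.com@phish.example/ style URLs, where the
        # trusted name is only the userinfo part.
        return False
    host = (parts.hostname or "").lower().rstrip(".")
    # Exact match: www.ebay.com.phish.example must not pass.
    return host in allowed_hosts


def resolve_redirect(target, fallback="/"):
    """Return the target if it is safe, otherwise a fixed local fallback."""
    return target if is_safe_redirect(target) else fallback
```
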