Phishing schemes have been using replicas of eBay and PayPal emails, complete with the real links and images, for a while. I got one from Korea today with two interesting features:
- It actually said to click the link or type in the address manually, trying to dupe the victim into thinking the link must be legitimate.
- The email template they stole included a real link to eBay’s spoof detection page.
As usual, I turned on all the headers and forwarded it to spoof at ebay dot com. If Meg paid a bounty on these, I’d be a rich man!
