Hacker's ramblings

I don't know how they did it, but I received this e-mail into an e-mail address which I actually use for PayPal activity:

It reads:

Dear Customer !


Recentley we found suspicious activities on your account


So we decided to temporarly suspend your account until further notice


Please click link below and finish requred steps


Click here to update your PayPal account


Sincerely

The fake login site (obviously) doesn't have HTTPS enabled, or the address off http://www.verify-account-login2015centre.-removed-.com/verify-your-account-support/mpp/ doesn't have a single shread of trustworthiness in it. It looks like this:

The website of this login form is badly hacked/broken, the PHP-code on the other end gave only MySQL-error and didn't yield any useful information about it. In any case, I'd be ready to bet some serious money, the website once used to be a WordPress. The hacked sites always are.

Incoming e-mail originated from the same box. And to make sure I got the message, they sent me the same fraud twice. Also very typical for those phishing idiots. It would make the entire thing more believable if they didn't flood my box with the exact copy.

Of course I went to How do I report potential fraud to PayPal? to make sure PayPal gets a chance to shut that stupidity down.