PayPal scams are always flooding our emails and such, but it is being taken to a whole new level now. When users visit this site it has a genuine PayPal address (as pictured above) and the message says “Your account is currently disabled because we think it has been accessed by a third party. You will now be redirected to Resolution Center.” This message, however, is not actually inserted by PayPal instead it is inserted by the scammers using a cross-site scripting technique (XSS).
You are then forwarded from this page to the fake site that the scammer has setup. At this site you are asked for your username and password which then takes you to a site requesting your social security number, credit card number, expiration date, card verification number and ATM PIN. The external site is not able to disguise itself as PayPal.com but the scammer hopes that you will trust this site since you were just forwarded from a “genuine” PayPal page.
PayPal has already fixed the vulnerability and they are now trying to get the site shutdown which is located in Korea. PayPal says that they currently don’t know how many people have been a victim to this scam but thank goodness it is fixed!
News Source: Netcraft