PayPal fails to follow its own anti-phishing advice
Hilarious! This has been reported and demonstrated over and again. My only conclusion is that PayPal themselves must be behind a good deal of the phishing and attempts thereof. It’s a Pavlovian thing. (BTW, ebay still does it too.)
What other possible explanation could there be?
If ebaY and PayPal were truly interested in combatting phishing they would send emails with no html, no links etc. No one should know that and be more aware than they.
Here are some highlights from the article posted on September 9 2010 on Helpnet Security
PayPal confirmed that the email is legitimate, but points out that it also contains the information that the users can type paypal.co.uk into the browser if they aren’t completely sure that the offered link is safe to click on.
“PayPal does not advise people not to click on links in emails, rather to exercise caution. Users are advised to check the URL of any link to make sure it does not direct them to something unexpected, as you know they can do this by hovering their mouse over the link,” it says in their comment.