Received this mail in my Gmail yesterday. Supposedly from PayPal. The pretend PayPal wanted me to update my credentials by login into a fake PayPal lookalike page.
Too most unsuspecting users the mail would have seem 100% legitimate as seen In the screenshots below. They would have given up their user names and passwords without even knowing what they had done.
Imagine the damage if IE, Firefox and most newer browsers have no phishing protection built in to alert the user about possible phishing alerts. You can see the alert in the screenshots below.
My Advice: Be very cautious when working on your financial sites. If you havethe slightest hint of suspicious activity, abort what you are doing and get in touch wiht service provider.
Remember, almost all financial and secure service providers never send out emails to their clients to verify user credential. If you do receive one then chances are it’s a phishing attempt.