Phishers are back to using an old tactic in a new fashion to get hold of their victims’ credentials.
One of the first lessons you will learn during anti-phishing training is to hover over the links in a mail to see if they point to the site where you would expect them to point. Although good advice, this is NOT a guarantee that you are going to be safe.
Always visit sites directly, never follow the URLs presented to you in emails or attachments.
Phishing definitionPer Wikipedia:
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.
BlockedWhile giving the site owner some time to clean up his site, users of Malwarebytes Anti-Malware Premium will find that the phishing page is blocked if they have the Malicious Website Protection enabled.
LinkThe original blogpost about this particular phish, including screenshots and code snippets, can be found here: Very unusual PayPal phishing attack