I love spoofstick! Shows the actual domain holder as connect3.com.
If this has already been reported, then my apologies, but this is the first I have received of a new variant email attempting to get my credit/debit card details from a PayPal membership account.
It's sneakier than the first, in two ways.
1] It is asking for debit/check card details, ''because'' of reports of stolen credit/debit cards being used to purchase or sell non-existant items, (presumably in eBay). It asks for our card details to identify us.
2] The link address under ''clicking here'' is
h t t p ://paypal.connect03.com/cgi-bin/webscr.html?cmd=_login-run
which very closely resembles the format of their home page address, ie,
h t t p s ://www.paypal.com/uk/cgi-bin/webscr?cmd=_login-run
So, beware any emails received from PayPal or any other organisation where finance is involved, that they are genuine.
PayPal themselves say if they did send an email to a member, they would use the member's own name or Corporation name, as appropriate, but in my own case, even if got such an email, I would question it with PayPal first.
The email I received is below;
-------- Original Message --------
Subject: New Security Requirements
Date: Sun, 12 Jun 2005 11:12:54 -0600
From: PayPal <email@example.com>
Reply-To: PayPal <firstname.lastname@example.org>
Dear valued PayPal