http://211.114.61.195/css/.verification/hide/index2.htm
I'm contacting PayPal and nlc21.com, owner of the server hosting the file (probably compromised).
On Apr 14, 2004, at 5:47 AM, [EMAIL PROTECTED] wrote:
We recently reviewed your account, and suspect that your PayPal account may<br>
have been accessed by an unauthorized third party. Protecting the security<br>
of your account and of the PayPal network is our primary concern.<br>
Therefore, as a preventative measure, we have temporarily limited access to<br>
sensitive PayPal account features.<br>
Click below in order to regain access to your account:<br>
<A HREF="http://%32%31%31%2E%31%31%34%2E%36%31%2E%31%39%35/%63%73%73/ %2E%76%65%72%69%66%69%63%61%74%69%6F%6E/%68%69%64%65/ %69%6E%64%65%78%32%2E%68%74%6D" onMouseOver="window.status='https://www.paypal.com/cgi-bin/webscr? cmd=_login-run'; return true">https://www.paypal.com/cgi-bin/webscr?cmd=_login-run</A>
<br>
-- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter hand-held Network Tester: http://sniffter.com/
