I recently got a another of the standard phishing emails for Paypal, directing me to https://email-edg.paypal.com, which redirects to https://view.paypal-communication.com, which has a PayPal EV certificate from Verisign. According to this post http://www.onelogin.com/a-paypal-phishing-attack/ it may or may not be a phishing attack (no-one's really sure), and this post http://www.linuxevolution.net/?p=12 says it is a phishing attack and the site will be shut down by Paypal... back in May 2011.
Can anyone explain this? It's either a really clever phish (or the CAs are following their historically lax levels of checking), or Paypal has joined the ranks of US banks in training their users to become phishing victims. Peter. _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography