If it can happen to Paypal, it can happen to you. Netcraft reports that their anti-phishing toolbar detected a cross-site scripting technique that a Korean hacker placed onto the Paypal main site that gathered user data. This one was pretty sneaky in that you get the valid Paypal SSL certs and appropriate warning messages, then the exploit takes over and presents you with the phony pages.
While I am not a big fan of the Google/Yahoo/MSN toolbars cluttering up your browsing landscape, this may be a reason to download and install the Netcraft version. Netcraft, for those of you that don’t know, is a fine upstanding company that produces those wonderful Web server population surveys for many years.
Pingback: Time to say goodbye to Paypal | Web Informant