From last one month I was getting mails from an unknown spoofed email id regrading a paypal warning with subject "Your account has been limited until we hear from you !" Guess what, even I am not using that email for my Paypal account, from here I just judge that it's a regular spam mail and ignore that most of the time week before.
Today I again receive a similar mail, and this time I was amazed to notice a tricky URL given in mail to click, as shown in the screenshot. Cyber criminals start making some very smart spoofed URL in sub domain, that can trick most of the victims ( even me for a second ).
Phishing is not just a small-time operation. Phishing is a business, and billions of dollars are being made by criminals while consumers and businesses are left to suffer the consequences. There are gangs of phishers organized all over the world. I was estimating that, if phishers are flooding out 50000 email viewers a day, this trick will surely work on atleast 1 % users = 500 victims, i.e if each have minimum 100 USD in each account, then per day income of an phishing criminal is, $500 x 100 = $50,000 / Day - COOL ?
Anyway, I am not counting benefits of being an online criminal :P , coming back to point -- A smart trick to abuse URLs .