Well also being a webservice provider, I knew it was only a matter of time before I came across a real phising scheme, and last week I did.

I was contacted by both Paypal and the Federal Police as an account on one of my servers was setup to be a fake paypal site and the addressed was spammed out. The account happened to belong to a client of one of my resellers. So I checked around, got logs, information and suspended the site.

Turns out the account was hacked into by a mob in Eastern Europe, Romania to be precise. Doesn’t suprise me but what’s to make it worse was the reseller knew something odd was happening to the account as the client hadn’t accessed it yet. Yet he failed to do anything.. Gah, people are so silly.