This is nice. I was checking my email, and I see an email supposedly from firstname.lastname@example.org . In my Bulk Mail folder. And I don't even have a PayPal account. Of course, they want you to folloe a link to their site and sign in to 'verify' your account. The link they gave is http://18.104.22.168/verification.paypal.com/ . Simply going to http://22.214.171.124/ gives you "Test Page for the Apache Server on Red Hat Linux". I wonder how long before someone with half a brain gets pissedat them and hacks them bigtime? You know, delete the info they've already stolen, let some virii loose on their setup, change the fake login page to say "this is a scam" in big red all-caps letters, maybe put something funny on their main page, perhaps share mp3s on their server, those sorts of things. In theory, I could probably easily download some tools or something to break right in, but I'd rather leave it to people who actually know what they're doing, instead of being a lame 'skript kiddie' or whatever they're called now.