Wicked PayPal scam

I can't believe I fell for this, even after recognizing other such scams, but it's really good. I got the following email with a from address of service@paypal.com (apparently):

Dear PayPal user,


The password of your PayPal account was successfully changed on Feb. 10, 2004.


If you did not authorize this change, please contact the PayPal Team
using the link below:


https://www.paypal.com/us/wf/f=ap_default


This request was made by:


IP address: 68.63.158.173

ISP Host: pcp01261671pcs.nhaven01.ct.comcast.net


Thank You for using PayPal!


-------------------------------------------------------------------------------


Please do not reply to this e-mail. Mail sent to this address cannot be
answered. For assistance, log in to your PayPal account and choose the
"Help" link in the footer of any page.


It was formatted to look like a text email, but it was actually HTML, so the URL link actually directed you to somewhere else. The thing that got me was the "This request was made by." Since I'm not a Comcast user, my predominant thought was that someone hacked into my account, overlooking the fact that this was the hack. The page was a perfect version of the PayPal login page, so the first thing I did was enter my username and password. D'oh!


That presented a update your account information form, asking for address, credit card numbers, etc.


Luckily, that was too long a form to fill out without getting suspicious. It quickly dawned on me, and I realized I wasn't actually at paypal.com. But I already gave them my login. A quick visit to PayPal to change my password followed.


Man, these things are getting good. I can't imagine my mom realizing what was going on in such a scenario. Scary.