Phishing sites are so common thesedays; I get around five to ten emails a day convincing me to give away my PayPal login details. PC World reports that Anti-Fraud Detection Center (AFCC) has caught someone selling Do-it-Yourself phishing kits online. Using these kits non-technical criminals can put up phishing sites easily. These kits are said to be very user friendly and work universally which means these kits don’t need to be custom built for each site.
Like all other phishing attacks, this kit also works by sending phishing emails which contains a link to the phishing site. The phishing site communicates with the original site in real-time to make the site look exactly similar and as convincing as possible.
PayPal is one of the most targeted sites. To fight phishers, PayPal and VeriSign have teamed up together to offer a security key fob which generates a new password in the form of a six digit code once in every 30 seconds. PayPal users will have to enter their username and password along with the six digit code generated by the device.
PayPal has been testing this security key fob with its own employees and plans to being testing with consumers next month. PayPal business account holders will get this “PayPal Security Key†for free, but Personal Account holders need to pay $5 to get this device.
Although this device won’t put an end to online frauds, it will surely reduce the rate of online fraud.

wrote, on January 15th, 2007
I’ve gotten those phising mails as well, so I’m glad that Paypal are considering different ways of handling the problem. I actually have one of those security keys for my online bank, while at another bank, I have a card with different codes.
wrote, on January 16th, 2007
Nice discovery!
wrote, on January 17th, 2007
well i am a business user of paypal but i am not a business premium user ! will they give me for freE ?
when is it rolling out ?
wrote, on January 17th, 2007
thilak you are right ! Paypal already initiated the process this webpage
https://www.paypal.com/cgi-bin/webscr?cmd=xpt/cps/general/PayPalSecurityKey-outside
but currenty they dont allow to order the security key
wrote, on April 12th, 2007
Cool stuff, wonder if it will be rolled out down here in Australia.