I just received a phishing scam email that pretends to be from PayPal. And the hyperlink in the email leads to a phishing site has SSL certificate. And it seems the certificate is issued by “Let’s Encrypt”.
The URL is: “paypal.com.webapps-mpp-accounts.com”. Add https will display the SSL certificate.
Of course the site’s login page cannot verify your login credential. But if you happened to entered your real login credential, they will keep the record and they’ll have access to your PayPal account later.
I figure I should warn you guys incase you haven’t noticed this. I’ve sent an email to your email@example.com but it bounced back. So I registered and posted here.
C6, a random web dev