Warning to PayPal customers: Don't click on that!

An article in Wired describes a series of social-engineering attacks on PayPal users.

The attack is based on supposed "Security Alert" messages that are received by users and include Visual Basic components in them (.vbs files).

If you receive a note that appears to be from PayPal telling you that you must click on a local file, Don't Do It!

The files aparently start a keyboard tracker and then link to the paypal site, creating a situation where you will type your user name and password, thus inadvertantly giving it to the people who sent the program. NOT a good thing.