Our site was hacked tonight with the hacker redirecting our payment confirmation page to the following site where the payment was taken:
As you see it is a very good imitation of the official site! Paypal have been informed and are investigating. Many thanks to the keen eyed customer who brought this to our attention. Hopefully they will soon put a stop to this site.
Sudakoma- Wow. That is an amazing phishing site and I'm so sorry that happened to you. I'm glad that you reported it though and we'll see what we can do about getting it taken down. I especially like that down in the bottom left it says "TEST only". I mean, really?
We can report the same and this has occured on a number of eCOmmerce sites, across multiple servers
The "PayPal IPN" module is turned on, and the chosen URL for PayPal live processing changed to "www.pnypal.com"
During an online payment, if the user selects PAYPAL, they are taken off to the PNYPAL.com and them onto a Paypal account owned by <email address removed in compliance with Community Guidelines>
This is the account that needs to be reviewed by the Paypal security team
The Chinese recipient of the money 余 仙慧 translates as "Professor of Money" and his domain havemy.org is registered in China - looks like he has hijacked PayPal payments via some sort of share file hack, so they should be notified by paypal right!