Security expert and malware researcher @dvk01uk reported a very unusual phishing attack on PayPal leveraging on Javascript to send the user to the promised PayPal site while their login credentials are being sent to an entirely different domain. The submit button goes to the legitimate PayPal WebSite avoiding to raise suspicious, but a javascript running on the page intercepts all posts to PayPal.com and diverts them to the actual phishing page to accept all victims details. The phishing is still a very profitable technique for crooks, phishers try to improve old tactic in a new fashion.”]
Source: https://securityaffairs.co/wordpress/48519/cyber-crime/paypal-phishing-technique.html