We've now seen several phishing web sites that are using flash-based content instead of normal HTML. Probably the main to reason to do this is to try to avoid phishing toolbars that analyze page content.

Two recent examples, both targeting PayPal: www.ppal-form-ssl.com and www.welcome-ppl.com.

These sites look like the real PayPal front page, but they are actually Flash recreations.



When you type in login information, the SWF file displays a new page, asking for your credit card information.



Abuse messages have been sent about these sites. Thanks to Axel P for the heads up.