i believe a patch for this may have been released this week. have you run windoze update recently?

it occurs to me this isnt exactly a bug.

if i make an html resource:

<a href="www.paypaltostealyourpassword.com">www.paypal.com</a>

it's essentially the same thing. and can be just as "dangerous" to the feeble minds.