Just wanted to throw it out here, it might be old news to most users but if even one person is given warning and manages to be on guard it'll be worth it.

For some time I had been receiving regular emails in my account from paypal. These were a bit strange since they offered me discounts and special offers on products and services which don't really fit in with paypal's business model. But the emails were so exquisitely crafted, with every single detail perfectly reproduced and even addressing me by my real name which only paypal should know, that they seemed 100% genuine. I dismissed them as being a sort of added service, kind of like a newsletter from paypal, and didn't give them a second thought.

The other day however, one of the emails prompted me to check my account activity, not my balance, not my credit or bank details, just my activity. I felt a bit confused, but proceeded to check it out nevertheless. Out of good practice, I opened a new tab and typed the paypal url manually instead of clicking on the provided link in the email. That proved to be my salvation, since at that point I had no reason to think that the email wasn't actually genuine.

After checking my paypal account and noticing that nothing was out of the ordinary, I went back to the email and double checked it again: why would they want me to check my activity? That's when I noticed it, and I slammed my face on my desk at my idiocy. The sender's address was E.paypal.com; that one letter was what made me think it was a phishing scam. Some research thanks to google later, I confirmed it. The emails, as I said, are exquisite; they are finely tailored and reproduce to the letter the typography and format of a paypal email. The bit that scared me, however, was that they were addressed to me personally using my real name and citing my account details. The provided link to paypal was the scam's trap, since it referred to a page virtually identical to the paypal one, just with a still image instead of an animated background and with a hodgepodge of text in the url bar. It provided your correct email address/username for you and prompted you to type your password, at which point they gained access to your account.

Annoying as well is the impression that paypal seems to be doing nothing. Forum users over the net are complaining at the far too high quality of the forgeries (not your usual, prince of Nigeria letter), the fact that the phishing emails included personal account information (like my real name, how did they get that?), and paypal's apparently tight lipped policy about it.

In short, beware any and all emails involving services that deal with real money, even if they do seem 100% legitimate. And never EVER blindly click on any links in your emails even from senders you think are genuine. My slightly paranoid practice of always typing urls manually when dealing with password protected sites proved out to be fully justified in the end.

I apologize if this has been addressed at another thread, but a quick search didn't yield any results.
Post edited July 04, 2014 by j0ekerr
I am even getting paypal scam mail that seems to come from my own address. I am getting spammed a lot with those paypal mails, same goes for apple. And yes, it doesn't seem they are doing much about it.

Very tempting to just not use paypal anymore, block any mail with paypal in the subject and be done with it but there are not many good alternatives.
Post edited July 04, 2014 by lugum
I get them and immediately bin them. If I have any real problems with Paypal usually Paypal themselves get in contact! :P
Can anyone please explain to the interwebs-illiterate me how anyone manages to get an apparently real e.paypal.com address without paypal's consent? I mean, if it were just browser scripting fuckery, why not fake the actual paypal.com?
Starmaker: Can anyone please explain to the interwebs-illiterate me how anyone manages to get an apparently real e.paypal.com address without paypal's consent? I mean, if it were just browser scripting fuckery, why not fake the actual paypal.com?
they can even make it so the email seems to come from yourself.
There can never be too many warnings about scammers/phishers. +1 to you.
j0ekerr: My slightly paranoid practice of always typing urls manually when dealing with password protected sites proved out to be fully justified in the end.
Well, done. Safe net is good net. :)
lugum: they can even make it so the email seems to come from yourself.
Ah, they faked the email headers (but not well enough, perhaps to confuse security filters) and the actual phishing landing site is something else entirely?
j0ekerr: I apologize if this has been addressed at another thread, but a quick search didn't yield any results.
Don't apologize, you are doing the right thing. This kind of post should be everywhere. People should become suspicious about the emails they receive. And most of all, they should be careful what kind of links they click on. We live in dangerous times!
Scammers are everywhere!
darthspudius: I get them and immediately bin them. If I have any real problems with Paypal usually Paypal themselves get in contact! :P
I had a rather threatening email from PayPal at one point accusing me of being business with Iran, and asking me why I was logging into my account from Tehran. I get so much spam and phishing mail that I immediately just wrote it off as a scam until I went to buy something from GOG, at which point I got the same message that my account had been locked for unauthorised access.

I had to provide an email statement acknowledging that I had nothing to do with Iran and that it was likely that my account had been hacked. Actually, the email didn't allow for that - it demanded to know what exactly my business was in Iran - but still, I confirmed that I have no business there (at least not anymore, and certainly not through my PayPal account).

In the response I did actually ask for more details about the login attempts, but they obviously cared more about this embargo thing than on actual security.
lugum: they can even make it so the email seems to come from yourself.
Faking the "from" email address is one of the easiest things to do, especially if the server allows relaying (which it shouldn't). But what Starmaker says is that e.paypal.com shouldn't be available, since it's a subdomain of paypal.com. It would be as if I could get a jmich.gog.com domain without GOG's consent.
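An added illustration of the point above, not part of the original thread: because the visible From address is free text chosen by the sender, a receiving system judges a message by whether SPF or DKIM authenticated a domain that matches it. The `check_from` helper, the `shop.example` domains and both sample messages are constructed for this sketch.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def org_domain(host):
    # Assumption: the last two labels are the organizational domain.
    # Production DMARC checks use the Public Suffix List instead.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def check_from(raw):
    """Report whether the visible From domain is backed by SPF or DKIM."""
    msg = message_from_string(raw)
    from_dom = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    # Trust this header only when your own receiving server stamped it;
    # anything the sender supplied can be forged just like From itself.
    ar = " ".join(msg.get("Authentication-Results", "").split())
    results = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", ar))
    dkim_d = re.search(r"header\.d=([\w.-]+)", ar)
    mailfrom = re.search(r"smtp\.mailfrom=(?:[^\s;@]*@)?([\w.-]+)", ar)

    def matches(result, found):
        # A "pass" only counts if the authenticated domain shares the
        # organizational domain of the address shown to the reader.
        return bool(result == "pass" and found and from_dom
                    and org_domain(found.group(1)) == org_domain(from_dom))

    aligned = (matches(results.get("dkim"), dkim_d)
               or matches(results.get("spf"), mailfrom))
    return {"from_domain": from_dom, "aligned": aligned,
            "dmarc": results.get("dmarc", "none")}

# Constructed sample messages: both display the same From address.
GENUINE = (
    "From: Shop <service@e.shop.example>\n"
    "To: user@mail.example\n"
    "Authentication-Results: mx.mail.example; spf=pass "
    "smtp.mailfrom=bounce@e.shop.example; dkim=pass header.d=shop.example; "
    "dmarc=pass header.from=e.shop.example\n"
    "Subject: Check your activity\n\nbody\n")
SPOOFED = (
    "From: Shop <service@e.shop.example>\n"
    "To: user@mail.example\n"
    "Authentication-Results: mx.mail.example; spf=pass "
    "smtp.mailfrom=x@bulk-sender.example; dkim=none; "
    "dmarc=fail header.from=e.shop.example\n"
    "Subject: Check your activity\n\nbody\n")

if __name__ == "__main__":
    for name, raw in (("genuine", GENUINE), ("spoofed", SPOOFED)):
        print(name, check_from(raw))
```

Both messages show the identical sender address; only the authentication results stamped by the receiving server tell them apart.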
darthspudius: I get them and immediately bin them. If I have any real problems with Paypal usually Paypal themselves get in contact! :P
jamyskis: I had a rather threatening email from PayPal at one point accusing me of being business with Iran, and asking me why I was logging into my account from Tehran. I get so much spam and phishing mail that I immediately just wrote it off as a scam until I went to buy something from GOG, at which point I got the same message that my account had been locked for unauthorised access.

I had to provide an email statement acknowledging that I had nothing to do with Iran and that it was likely that my account had been hacked. Actually, the email didn't allow for that - it demanded to know what exactly my business was in Iran - but still, I confirmed that I have no business there (at least not anymore, and certainly not through my PayPal account).

In the response I did actually ask for more details about the login attempts, but they obviously cared more about this embargo thing than on actual security.
But if you get an email saying something like that, you should check your account on the official website... not through a link in an email. I wouldn't trust an email in this day and age.
The epaypal scam has been around a long time. From time to time I still get them, too. They get trashed immediately. Best advice anyone will give is never click and log in from links provided by suspicious emails... no matter who it is. If you have an issue with an online merchant, you can always check that problem with your account at the actual site itself. Secondly, almost all online retailers will have policies stating that they will never ask you to update your account or provide sensitive data using email or sent url links.
lugum: they can even make it so the email seems to come from yourself.
JMich: Faking the "from" email address is one of the easiest things to do, especially if the server allows relaying (which it shouldn't). But what Starmaker says is that e.paypal.com shouldn't be available, since it's a subdomain of paypal.com. It would be as if I could get a jmich.gog.com domain without GOG's consent.
I don't know what is easy and what not, I have no knowledge whatsoever about it, but my guess is they could fake anything.
All I know is they seem to have severe security issues.

I suggest he should just send it to spoof@paypal.com.
Post edited July 04, 2014 by lugum
Exactly as others have mentioned - NEVER click through the email.

ALWAYS go directly to the site yourself and check.

Phish emails are getting more and more 'exquisite'. If they weren't exquisite then it would be 'obvious' they are not real. no?

Same for scam/phishing calls. Say you happen to answer the phone because the Caller ID (easily faked) shows your credit card company. And they exquisitely give you some bull about your account. Even if you think the call is LEGIT, don't deal with it on that call. Instead, turn over your credit card and call the 800 number on it.

Simple advice (go there yourself. Call them yourself).

I guess this is the first 'exquisite' phish email you've received. I suppose for many folks it would not be worthwhile posting a thread for every exquisite phish email they get (well, okay, speaking for myself - I get plenty of them. And I just delete them. Or if I wonder if it's true that I need to check something with an account, I go there myself and deal with it.)

ALWAYS follow the advice you've been offered ITT. No matter how exquisite the situation seems.
The worst thing is that you'll never be 100% safe on the internet. Information is easy to fake when you articulate it in a seemingly coherent manner...
Still, there's just one good phishing method :P https://www.youtube.com/watch?v=mmxHvGCo2wQ