I just got several emails from service@paypals.com (note "paypals" not paypal) with the subject "Your account is limited", "Please restore your account access". The body of the email states:

*********************************************
Dear sir/madame,

As part of our security measures, we regularly screen activity in the PayPal system. We recently contacted you after noticing an issue on your account.



We requested information from you for the following reason:

We have observed activity in this account that is unusual or potentially high risk.

Case ID Number: PP-589-124-047

This is a second reminder to log in to PayPal (http://sv19.dfserver19.com/~chillout/init/w/webscr.php?cmd=_login-run) as soon as possible. Once you log in (http://sv19.dfserver19.com/~chillout/init/w/webscr.php?cmd=_login-run), you will be provided with steps to restore your account access.

In accordance with PayPal's User Agreement, your account access will remain limited until the issue has been resolved. Unfortunately, if access to your account remains limited for an extended period of time, it may result in further limitations or eventual account closure. We encourage you to log in (http://sv19.dfserver19.com/~chillout/init/w/webscr.php?cmd=_login-run) to your PayPal account as soon as possible to help avoid this.

To review your account and some or all of the information that PayPal used to make its decision to limit your account access, please visit the Resolution Center. If, after reviewing your account information, you seek further clarification regarding your account access, please contact PayPal by visiting the Help Center and clicking "Contact Us".

We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.

Sincerely,
PayPal Account Review Department

------------------------------
------------------------------ ----
Copyright © 1999-2009 PayPal. All rights reserved.

PayPal (Europe) S.à r.l. & Cie, S.C.A.
Société en Commandite par Actions
Registered Office: 5th Floor 22-24 Boulevard Royal L-2449, Luxembourg
RCS Luxembourg B 118 349

PayPal Email ID PP638

******************************************

If you following the link and type in your paypal userid and password it will no doubt be stolen and probably all the other personal info the link will ask you for to "restore your broken paypal account" :rolleyes:

David -

I've been an eBay and PayPal member since the early days (2000,2002) and these 'phishing mails' have popped up over the years.

For those who don't know, IF you ever have an issue with your eBay or PayPal account, you will be notified when you go to sign in to your account.

NEITHER site will ever SEND you a notice (outside of past due fees notices for eBay) if your account has issues. They will wait for you to access your account.

I report EVERY eMail like that I get to both eBay/PayPal and the the internet fraud sites so they can be investigated and prosecuted.

All the best -

Chris

Thanks for the heads up.
Two things people should ALWAYS look for is:

1. Paypal NEVER addresses you as Sir/Madam. They will ALWAYS address you by the name which you registered, which in my case is me, for some it may be your spouse, etc. This is a rule of thumb for most automated emails; they should always address you by your name.

2. The email address from which you receive an email from Paypal should
ALWAYS include ".....@paypal.com "

3. I myself, just to be 100% safe, never logon to paypal via email. If I receive an invoice from a seller I always logon manually through www.paypal.com. If there is an invoice or any alerts it will be there.

4. I always forward any phishing email to paypal via spoof@paypal.com
It takes 2 seconds and it will help others from getting scammed.

Hope this helps.

Goh Nishiyama

A good test at a website is to first sign in with a wrong password. The genuine site will say it's wrong and will tell you to long in again. A fake site doesn't know your password (it's trying to learn it to steal it, after all) and won't give you the notice that the password you typed in is incorrect. It assume you gave it the correct one.

I should add that I make it a regular habit to first type in the incorrect user id/password at most sites I use-- eBay, PayPal even auction sites. It takes ten seconds and if the site says the info you typed in is incorrect, that says you're at the genuine site.

Also, the note of not going to PayPal or eBay through the email link is a safe and standard idea. It's always best to go online and type in the address manually into your browser.

If you do the above two things, you should always be safe.

Lastly, I think the real PayPal uses your name (ala Doug E. Jones) in your emails.

One very, very last thing. The PayPal and such scams always act as if you have to act right away, right this very second, or something horrible will happen to your account. They want you to act before you think, so you do something stupid you will regret later. There will occasionally be genuine problems with PayPal or your bank or whatever, but these companie almost always give you a decent amount of time address the situation-- ala 48 or 72 hours. In other words, never rush. Even if it's a real problem, you have enough time to look before you leap.

As an aside, I remember when my elderly mother asked about a email she got that said her US Bank online account had been compromised. I told her not to worry about what the email claimed, as 1) She didn't have an online banking account and 2) Her bank was the University Credit Union.