I almost got fooled by another one of those PayPal “phishing” scams awhile back. Below is a screen capture of the email that I received. Notice how the “Who” indicates that it's from “PayPal Customer Support” and the “Subject” line is “Security Notice No:15768”.
The scammers even included the warning:
PROTECT YOUR PASSWORD
NEVER give your password to anyone and ONLY log in at PayPal's website. If anyone asks for your password, please follow the Security Tips instructions on the PayPal website.
Hmmm… nice scammers! Fortunately, the Eudora email software saved my bacon… again! When I cursored over the link in the email this pop-up appeared:
The actual host http://www.qd-race.com/images/.www.paypal.com/index.html?cmd=_login-run is different from the host https://www.paypal.com/cgi-bin/webscr/?cmd=_login-run
If your email software doesn't do that, then it's time to check the full headers within the email itself.
The headers within that particular email contained “From: Paypal Customer Support
However, the real story was further below:
X-AntiAbuse: Sender Address Domain – ns2.73dpi.com
X-SA-Exim-Mail-From: international-express@ns2.73dpi.com
Don't get fooled!
Cheers ~ Ros