Sounds like pfishing to get your login. I hope you didnt use the contact in the email to reach PP.

I get stuff like that and I've never even registed with them. Get tons of Amazon related pfishing lately too.

It does indeed sound like Phishing. If you did anything from that email that involved logging in, change your password right away!

I get quite a few emails from people claiming to be paypal.The most recent was very convincing. The email title was..

"Paypal: We have refunded your customer"

The email its self stated a customer has made a complaint and has been refunded. For more details and to appeal please click here to login to your paypal account.

^paraphrased

Ironically the email also include some copy paste from Paypal regarding avoiding phishing scams.

Always check your email very carefully before doing anything!

Mack.

It seems that it was a phishing attempt but the actual links in the email were all to the real Paypal website. That was what I couldn't understand.

but the actual links in the email

Just in case . . . are you sure? Many of these are links like

<a href="http://paypal.example.com/login">[real PP URL here]</a>

They are **extremely** crafty at this, some of them I've had to stop and really look at the URL in the href. If a mouse-over doesn't show the real URL in the status bar at the bottom, you have to view source.

I've even seen some with some proper links and only one or two to phish sites. On mouseover, my mail clients pops up a tooltip, "the web site link is not the same as the text link."

To simplify, PayPal does not send email. They manage your account by access or non-access...and your login page will tell you why you do not have access. There are no PayPal emails. Keep that in mind and there will be less to worry about (delete!).

[added] PayPal does not originate email to clients. They will respond to email YOU send them.

What is most embarrassing to me is that I was actually just about taken in with this and I considered myself to be very streetwise WRT phishing. A lesson to all of us perhaps.

Not to worry in that regard... all of us, at one time or another, have either been waylaid or just barely avoided it. Been there, done that. Phishers are very clever. It is the bait that makes it attractive. Long time angler myself, but lures are silver spoons, flies, gummy worms, live bait, and at the end of that exercise I get a meal... usually red snapper (Texas Gulf Coast) or crappie (Texas lakes).

To add a little to what tangor said, Paypal will send you emails for transactions payment received, payment sent etc, but I don't even open these. All the information you could need will be in your messages center within your account.

Mack.

Mack, thanks for that add... PayPal does indeed notify payment sent or payment received... but those are already noted in the account transactions, thus I have to modify my statement regarding email from PayPal. In those two instances they send... but if there is a problem with your account they do not send emails, they just take the money away or lock it up so you can't get it if there is a problem. Been there, done that... and usually takes 60 days. I always win, but they had my money for 60 days and earned interest on that while I could do nothing. But you play the game and take your chances....

One relatively clear sign of a PayPal (and other) phishing schemes are the general email. PayPal themselves note they will address you by your name in the email. If the email doesn't then it should be very VERY high on your suspicion list.

The real name is no guarantee. I get regular spam using my first and second names.

I know it's not a guarantee but for email from PayPal it is relatively assured. Likewise for other online services that you have legitimate accounts with. They aren't likely to send you an email without using the name you registered for an account with.

The inverse of this, as you pointed out is the use of your name for a wide variety of spam. My thoughts on this is that if you work online as we do, your name is out there in various forms. But my formal name - the name I sign checks with and register for bank accounts with is not. I do not use it any place except those institutions. I never see it used in spam - because it's not publicly available. So when an email comes in with the name I use for signing up on a discussion board or to create an account at an online store, I know it's likely spam. I've even gone so far as to use my name at suspicious websites and use a different middle initial at each one to see who's selling my email or has security issues. Very informative.

What is most embarrassing to me is that I was actually just about taken in with this and I considered myself to be very streetwise WRT phishing. A lesson to all of us perhaps.

I'm embarrassingly familiar with that feeling. Got phished for our Google Adwords login a while back. It is very easy to be dismissive of phishing attempts, but when you get a legitimate looking email from a company you do business with, on a subject which happens to be reasonable for them to be communicating with you about...

Next thing you know you're advertising an "anti" virus product with a $2000 USD a day daily budget...

I've even seen some with some proper links and only one or two to phish sites

I got one like that also. Every link but the obvious to click on one was real. They were even using graphics from the Paypal site. The message was so convincing - but then I opened a new window and logged into paypal directly. No corresponding message in my account. I had to view the source to see the camouflaged link. I was almost taken in, scary.

I got several emails like that but luckily on receiving the first email noticed a different website link. After that everytime when I receive mails like that I login to PayPal using the original site address. If there is any issue you can find the notificiation within your account with PayPal.