I am going to assume that since this has happened to me, it may happen to some of you...
I was going through my email last night, when I came across a very authentic-looking email from PayPal. It stated that on 3 January 2009, an unauthorized account accessed my information and, as a security measure, access to some of my more sensitive account information would be denied. The message then informed me that in order to unlock these security measures, I would need to click on the link provided and re-enter my account information.
Naturally, I was concerned, so I opened a new tab and logged into my account
directly through the official PayPal site. When I arrived on my dashboard, there was no mention of any security breach. I then clicked on the History Tab and checked my entire History. Everything was as it should be.
Thinking something may be a little "phishy", I located the Security Tab on the Left Sidebar and clicked it. I then Located a tab for Reporting Phishing Scams and clicked that. I followed the instructions, which stated that I was to forward the email to them and then delete it. Later today, this is the reply I received from PayPal:
Thanks for forwarding that suspicious-looking email.
You're right - it was a phishing attempt, and we're working on stopping the fraud. By reporting the problem, you've made a difference!
Identity thieves try to trick you into revealing your password
or other personal information through phishing emails
and fake websites. To learn more about online safety,
click "Security Center" on any PayPal webpage.
Every email counts. When you forward
suspicious-looking emails to firstname.lastname@example.org,
you help keep yourself and others safe from identity
Your account security is very important to us, so we
appreciate your extra effort.
I know you are already aware of this, but I feel that I should reiterate it anyway: whenever you receive an email such as the one described above, NEVER follow the link provided. Always open a new tab and go DIRECTLY to the official company website. If everything looks normal, then contact the company directly and let them know about the email you received. More than likely, they will have links that you can follow to report the suspicious email.
I realize that many of you out there use PayPal, so please pass this warning along. For Esty Shop Owners, please pass this warning along in your forums.