It's very common to the point of passe' to get Pay Pal scams in email. They're actually getting less common as they are kinda patently obvious, and people are getting wiser these days and scammers seem to have moved on to Facebook viruses and breaking into Yahoo accounts. That said, there are always the Junior Scammers who are just getting their fingers going.
So in email, I receive something from allegedly from Pay Pal with the Subject line "Update your account"
Dear PayPal Member,
It has come to our attention that your PayPal® account information needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service.
However, failure to update your records will result in account suspension. Please update your records before June, 30, 2011.
Once you have updated your account records, your PayPal® account activity will not be interrupted and will continue as normal.
Click here to update your PayPal account information [link removed]
Now first of all Pay Pal says they NEVER send this sort of request, but that's not the only thing.
Key elements of a scam are:
- Vague "Dear Pay Pal Customer
- Ominous tone "Warning" "Account Suspension" "problems"
- Sense of urgency - you need to act now
- Some drivel about "protecting your account" for which their feet should be held to the fire for an extended period of time
Then the ominous tone becomes a joke. If you're not sure about something then try doing nothing and see what happens. If there's really a problem you'll get more email or even a phone call.
Then in these scams there is usually (almost always) a link for you to click on. The link may say "PayPal," but it's actually going somewhere else. You can try this link: PayPal
After you click on it, come back and just hover the mouse over it. You will see nowhereinparticular.com, which I assure you has nothing to do with PayPal.
So when you get one of these emails if it's not plainly obvious it's a scam, you can hover your mouse over the link to verify that it's not PayPal, though you have to be careful. Bad guys sometimes name things paypal.badsite.com, which is just them naming one of their hosts "paypal." The "paypal" has to be right before the ".com/" for it to be legit.