I get phishing emails all the time and thought I had them figured out. I never clicked the link in their email.... until yesterday. I had had a problem in the forced change of ebay and paypal passwords. Thought I had changed my PayPal password as well and tried to login with the new one but made several unsuccessful attempts before realizing that only the ebay PW had changed. Logged in finally with my old PW and then immediately changed my PayPal PW as well.

However, when I got the PayPal email, I thought it was in response to my password mixup, and did the wrong thing... did click their link, and I did give them all my financial data as "confirmation" of who I was. This was on a holiday, of course, and PayPal was not manning their security phones. I called them today and got the bad news: this was not their email, and they knew members were starting to receive them.

I now have to go to my bank, credit card, and credit services to change everything. What a mess!

Don't get caught by this one. It looks very official. No bad grammar or misspelled words. The URL associated with the link in the email even started with www.paypal.com, followed by a long string of characters.