This is another extremely common phishing attempt.
The email that gets you concerned about your paypal account in the hope that you will login from said email, thereby giving your username and password to the scammer –
Unauthorized access to your PayPal account!
We recently noticed more attempts to log in to your PayPal account from a foreign IP address.
We recently noticed more attempts to log in to your from a foreign IP address.If you accessed your account while traveling, the unusual log in attempts may have been initiated by you. However, if you are the rightfull holder of the account, please visit Paypal as soon as possible to verify your identity:
Click here to verify your accountYou can also verify your account by logging into your PayPal account at https://www.paypal.com/us/.If you choose to ignore our request, you leave us no choise but to temporaly suspend your account.
We ask that you allow at least 72 hours for the case to be investigated and we strongly recommend to verify your account in that time.
Thank you for using PayPal!
The PayPal Team
Please do not reply to this email. This mailbox is not monitored and you will not receive a response. For assistance, log in to your PayPal account and choose the Help link located in the top right corner of any PayPal page.
To receive email notifications in plain text instead of HTML, update your preferences
The live links in the above have been removed, however, they pointed not to Paypal but rather to http://c-24-3-155-5.hsd1.mn.comcast.net:82/pici/
The email header has been properly spoofed in this one for a change. The scammer has actually got it to look like the email originated from email@example.com!!
The above comes as an html based email, pulling the images direct from the official US paypal site.
However, the scammer was dumb enough to pull the image for the footer part from his own site, thereby leaving the url in the message – http: // madrid.freeownhost.com/norman/mail.php?id=aol_duminica