Just received a NEW scam letter. It seems it comes attachd with a VIRUS.
Notification of Limited Account Access PP-252-173-994
Then ATTACHMENT with PP HTM. It looks real enough as the links are hyperlinked to authentic
I got caught. On Feb 16, I received the same e-mail. It went through a verification process, with all the paypal logos, and was a secured site. Alas, they tried to buy a $400 gift card at Toys R Us online. Because I make purchases online, my bank credit card didn't catch it. Thank goodness Toys R Us thought it was fishy and called me right away.
I also received a variation on the New PayPal scam email advising "Your online access has been temporarily suspended". It does come with a virus and a phishing trojan but my antivirus caught it and labelled it. The email also comes with a red exclamation point indicating that the sender has given this particular email a high priority rating (found if using Outlook Express).
In the subject line my letter misspelled PayPal as PayPaI - first instance using the letter "ell" as the final letter but the second instance using the letter "uppercase i" as the final letter. Almost indistinguishable between the two letters in certain fonts, such as in Arial used here in this post.
A Whois Domain Tools search indicates that the email was generated in Turkey, sent via Saudi Arabia and through the IANA Loopback in California before hitting my web host's servers.
PayPal's setup won't let me permit the inclusion of the email header, which is a shame as it could help others who receive the email to spot the fake very quickly. So, all I can suggest is that, if you are using Outlook Express as your email client right click on the email title in your inbox and follow the link boxes until you get the full "Message Source" to display. You will immediately see at the very top a line for the return path. It will not have PayPal's address in it. It will be a different address entirely.
Good luck folks and don't be caught by this.