Hopefully it goes without saying that PayPal is a safe viable way to handle online transactions-- but you as a consumer have to be smart because there are thieves out there trying to access your account.
BE SUSPICIOUS with ANY email that asks you to log into ANY account you have. I myself, who I would consider fairly savvy got snookered when a friend's TWITTER account got hacked and they sent me a message saying I can't believe so and so wrote this about you in their blog-- so I clicked the link to read it-- and sure enough, got hacked.
The important thing is to take a minute before you respond to anything. Be wary.
MOST of these attacks come from countries where English is not the first language so they usually are laughably phrased, but sometimes they look good.
Let's take this one that came in on Sunday Feb 1st.
There it is among my regular email-- a message that seems to come from PayPal itself telling me there has been unusual activity on my account which needs my attention.
So I open the email-- and look for clues.
At first glance, this looks like a real email PayPal might send.
BUT here's the big warning-- it's asking me to click on a link to log on to my account.
DON'T EVER DO THAT.
Instead, if you're not sure, close the window and open a new window-- maybe even in a different browser-- go to www.paypal.com and log in manually yourself. NEVER NEVER NEVER do it from an email.
Now a closer look at this email reveals the real tell.
Return address-- SERVICE@PAYPAL.COM
Sounds right enough-- but then look at the actual LINK email-- it's a random ass email from who knows where.
So-- fraudulent indeed.
I forwarded the email (as you should to) to firstname.lastname@example.org and they will investigate and get this clown shut down.
Sadly, the thieves will try again from a different domain.
So be smart folks, and take a minute before reacting.