
Learn About Phishing Scams and How to Spot Them

One has to be aware of phishing scams arriving in one's inbox. A phishing scam is an attempt to capture your password or other private information. In other words, it tries to fish out the information. Hence the term "phishing", with the "ph" replacing the "f" in "fish". And "phishing" is pronounced just like "fishing".

Google has a very good description of phishing attacks here.
It starts with the attacker sending out fraudulent emails that look like legitimate email. The email tries to trick you into clicking a link that takes you to a website that also looks like a legitimate website. If you are fooled, you end up typing your password and other information into the fake website, where it is captured by the hacker.

If you find that you have accidentally typed a password into such a fake website, immediately go to the legitimate site where you normally use that password and change it. Often your account can be saved simply by changing the password and locking out the fraudster faster than the fraudster is able to reconfigure your account to extract funds or perform other activities.

How to Spot Phishing Scams

The best way to avoid being fooled by phishing attacks is to recognize fraudulent emails and websites that are made to look like their legitimate counterparts.

The scam starts with the fraudster sending out a fake "phishing email". This email claims to be from, and looks like it comes from, a legitimate online business. It even has the correct "From address" of the legitimate business. But don't let that fool you. The "From address" is easily forged.

Here the email poses as PayPal. But it may pose as eBay or some bank, etc. PayPal and eBay are perfectly fine, legitimate companies to do business with. They are often impersonated by fraudsters simply because so many people have accounts with them.

[Image: phishing email]

The first sign that this is a fraudulent email is that it did not address me by name. Legitimate email from a legitimate company will address me by name. Second, the address this email was sent to was not even my PayPal email address. Or you may not even have a PayPal account.

Note that the fraudster is not specifically targeting you; they send out millions of these emails every day. The email preys on your fear by claiming that someone else has logged into your account from another location and that you need to click on the link to perform a "security check".

Do not click on the link!

In fact, do not open the email unless you have images disabled in your email client. If you open the email with images enabled, the fraudster will know that you have opened it and therefore that this is a valid email address, which they can sell to other fraudsters. If you want to determine for sure whether an email is a fraud or not, you can forward the email to [email protected] and they will tell you whether they sent it.

If you have images disabled in your email client, then there is no harm in opening the email. If you start reading the email and notice spelling and grammatical errors, those are additional clues that the email is fraudulent. If there are links, do not click them. But you can hover over the links with your mouse cursor. Most email clients will display the link destination URL at the lower left in the status bar. If the destination URL is not what you expect, or if it is some obscure domain name, or if it is a variation of a legitimate domain name, then that is cause for suspicion. If you are unsure, type the domain name of the link destination into McAfee Site Advisor and McAfee will immediately show you whether the destination site is a phishing site or another spam-related site.

Don't Log In By Clicking a Link

You should never log in to a site you arrived at by clicking on a link. Always log in to your legitimate online business through your own bookmarks or by typing in the URL yourself. Always watch the URL in your browser to see where links are taking you.

Here is what you should look for on a legitimate PayPal site:
[Image: legitimate site]

The Technical Details

If I do a "File -> Save As" of the email as an HTML file on my desktop, I can examine the email's code. I make sure not to double-click the file, otherwise it will open in my browser and alert the fraudster that they have a valid email address. I open it in a text editor and see that although the visible link text between the <a> tags looks like a real PayPal link destination, the "href" value shows that it is taking you somewhere entirely different.

[Image: phishing email code]
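The two checks described above, hovering to compare the shown link with its real destination and reading the saved HTML for the "href" value, can be automated over a saved email file. This is an added example, not code from the original article: it parses the HTML, flags any link whose visible URL text names a different host than its href, and lists remote images that would report the open back to the sender. The sample email body and the hosts in it are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample email body: the visible link text shows a PayPal URL, the
# href points at an unrelated host, and a 1x1 remote image acts as a read beacon.
SAMPLE_EMAIL_HTML = """<html><body>
<a href="http://198.51.100.23/secure/login.php">https://www.paypal.com/cgi-bin/webscr</a>
<p><a href="https://www.paypal.com/help">Help Center</a></p>
<img src="http://203.0.113.9/track.gif?id=abc123" width="1" height="1">
</body></html>"""

def host_of(text):
    """Hostname named by a URL or a bare 'www.' domain, lowercased ('' if none)."""
    text = text.strip()
    if "://" not in text:
        text = "http://" + text
    return (urlparse(text).hostname or "").lower()

class LinkAuditor(HTMLParser):
    """Collect (href, visible text) for every <a>, and src for every <img>."""
    def __init__(self):
        super().__init__()
        self.links, self.images, self._cur = [], [], None
    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a":
            self._cur = [attrs.get("href", ""), ""]
        elif tag == "img":
            self.images.append(attrs.get("src", ""))
    def handle_data(self, data):
        if self._cur is not None:
            self._cur[1] += data
    def handle_endtag(self, tag):
        if tag == "a" and self._cur is not None:
            self.links.append(tuple(self._cur))
            self._cur = None

def audit_email(html):
    """Flag links whose shown URL names a different host than the real href, plus remote images."""
    parser = LinkAuditor()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        looks_like_url = text.strip().lower().startswith(("http://", "https://", "www."))
        shown, real = (host_of(text) if looks_like_url else ""), host_of(href)
        if shown and shown != real:
            findings.append(("link-mismatch", shown, real))
    for src in parser.images:
        if src.lower().startswith(("http://", "https://")):
            findings.append(("remote-image", host_of(src), src))
    return findings
```

Links whose visible text is a plain label ("Help Center") are not compared, because only a shown URL can contradict the real one; for those, the hover check on the destination domain still applies.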


More Information

Tutorial on How to Detect Fraudulent Emails
"Phishing Fraud" by the US Securities and Exchange Commission
PayPal's anti-phishing guide

See "Anatomy of a PayPal Phishing Scam" to see how sophisticated some of these phishing websites can get.