Had one this morning which made me think twice, because I had in fact used paypal yesterday, and forgotten my password for a moment when I was doing so.
It has come to our attention that when logging into PayPal, you or somebody else have made several login attempts and reached your daily attempt limit. As an additional security measure your access to PayPal will be limited in a 24-hour period if you do not verify your identity.
http://secure.paypal-data.com
Then I had a second thought. The domain here, paypal-data.com is surely the sort of thing that Icann is meant to stamp out. There’s no possible honest reason for Reseller Reising, Inc., 6815 Hoxey Dr., Worden, IL 62097 to register that name. And even if Paypal’s lawyers weren’t all over them (it was registered a year ago) what were Canadian registry sellers, Domain Direct, of Mowat Avenue, Toronto, doing selling a name like that?
Very probably, it’s easier to get paypal-customerservice.com — which is a first-class phishing address — than paypalaregreedythieves.com, even though that could hardly mislead people into supposing that it’s an official paypal site.