^USPS - that's how you know it's real. I do not know of any company that will send you a notice via email to "update", "validate", or whatever, your personal information. If phishers were smart, they'd send a letter to have you enter personal information on a valid looking website and a similiar url.
I get phishing scams all the time from where I do online banking. The link is set up to look exactly like the login bank page. The important thing to remember is to never login to anything with your password through a link in an email. Always go directly to the site yourself, to check on your account.
Actually, I think I did get one of these in the mail less than a month ago. Bank One is becoming Chase, and I got a letter saying login to chasenow.com/login or some such URL to sign up for online banking and get a cash bonus. Morbidly curious, I checked out the site to see what it looked like. Then I noticed it was asking for my account number over a regular http protocol instead of the https protocol, and trying to convince me it was a secure connection by putting a big lock icon on the screen and telling me it was secure. And of course Chase bank uses chase.com, so I doubt chasenow.com belongs to chase.com. The icing on the cake was that chase.com domain's own online banking signup page was using https as you'd expect. I smell a rat.
One very tricky thing that some phishers are doing are that when you login to their fake website, they actually log you into your actual paypal account.
One simple thing you can do to reassure yourself an email is fake is to open up the message source in the email. Whenever you suspect a phish email, inevitably they will have a strange web address in there at the part of the HTML wherever the email has a link they want you to press, or a button to press. If using Outlook Express, right click on an email, select Properties, go to Details and hit Message Source button. Although you can view it all there, I find it easier to copy and paste it into Notepad and do a search for "http". Inevitably it will come up with an address you won't recognize.
Vwiggin- I get that email probably once every 2 weeks, personally, I wouldn't do anything with it. I checked into it once and something just didn't seem right, I've deleted them ever since and nothing has happened, yet atleast.
People still freak out at this stuff. I don't know why. If you get an email that says to click a link to verify anything account-related, go to the website itself or call them. Don't ever click links in emails to validate anything.
Thanks for the support guys, I'm feeling a lot better now. I do get these types of emails all the time (too many p*rn sites I suppose) but this is the first time they knew my first and last name. I edited out my name in the picture I provided, but in the original email, it says "Dear Vwiggin," which kind of freaked me out (Ok, my name is not really vwiggin, but it used my real name). Ebay hasn't returned my email yet. I hope it isn't a big security leak from them.
