I got this today in my spamfolder at gmail. I must say that they are good. When I followed the link netcraft toolbar and spoofstick reported that I was on Paypal.com I had the certificate lock and could check that the certificate was valid. Noscript blocked a script from something called paypalobjects.com (valid?) I am not that good at this kind of stuff, I wonder how they made it through netcraft and spoofstick... and how they got my gmail adress that I use in paypa) If I havent known that no serious buisness sends out this kind of messages, gmail´s anti-phishing filter warning me and the fact that it was in gmail´s spam folder, I might have got scared and done what they wanted. But this shows that common sense is the only defence against this kind of **** *edit* edited the link with *** just in case it violated some forum rules.