I sent a private reply to Sally. Everything Gary wrote is spot-on. I'd only add: personally I always approach paypal via the link on the home page of ebay.com . The url should begin with "https" (for "secure"). One can and should forward suspicious msgs to paypal via [log in to unmask] , include the headers if you can-- other financial outfits probably have something similar.