I have received some fake emails from Paypal, CIBC, and other businesses. They are not always easy to figure out.
They would put for example, http://www.paypal.com. If you right click on the link and click on properties, you will see that the actual website is going to be http://blog.asecurepc.com. Hovering over the link will also put the actual address in the bar below.
Many would try to trick you and put paypal.afakesite.com as the actual website. This sounds right, but it is not paypal.com. It is actually afakesite.com. paypal is a subdomain of afakesite.com. Like blog.asecurepc.com. blog is a subdomain of asecurepc.com. It forwards the user to http://aprivatebeach.com/blog.
In any case, if a company says that your information has been compromised, do a Google search and go directly to their website. Login to their website from the search and not the email. If there is a notice about your information being compromised on the actual website, then it is real. In most cases, sites such as Paypal will be first when a search for Paypal is done.
I always login directly to the site by using a search engine or looking at the actual credit card. If I receive an email about information being compromised, I use Google.
These guys are getting very smart and are using addresses that can seem real. The ones that I have seen so far:
Of course these are all fake. Therefore, never enter a website through an email. If you have an account with that company, use the actual address that you know is real. These domains may or may not exist. When a fake is found, it will be shutdown, but new ones always pop up. It could be that the sites listed above will have a new owner with no intention of scamming. This is common.