e.paypal.com Scam?

I received an email from "paypal" telling me my May account statement is ready to view. It strikes me as a little strange this late in June but whatever. I turned the google lab on to display a key next to paypal emails to authenticate paypal. This email I received looked authentic in every way (i edited pic in Paint which turned it into a super compressed jpeg)except that it came from an e.paypal.com domain. It also struck me as weird that the link in the email to log in is pointed at a secure session (https://email-edg.paypal.com/r/DXWSIIO7/NPZBI/NKSSIIG/GKP0I5/44RHO/AW/h) which when you go to the link it looks like a session you had and is asking you to log back in. It looks like a MITM (man in the middle attack) to me. I could be totally wrong but better to follow safe practices and open up a browser yourself and type in the paypal address yourself. Do Not Ever click on links emailed to you. If it's your friend emailing you a funny youtube link, ask them what it is first. Their answer will confirm whether it is from them or not. Email addresses can be easily spoofed through SMTP relays.

From Nov 19, 2011