I got an email today, supposedly from Paypal, saying there's been some suspicious activity on my account and that one of the cards associated with my account has been identified as lost or stolen.

The email looked really authentic - it even had sidebars about protecting yourself from fraud - in very small print - but the button to click to go to paypal and confirm your account info. was HUGE!!

On closer examination the email came from "paypal@service.com" rather than "service@paypal.com" and the URL that the link led to is http://biomeditech.com.tw/manual/.cg...msg/login.html

interestingly enough, when I clipped the URL down to just the ...biomeditech.com.tw it goes to an open webmail login page.
Add /manual/ on the end and it goes to an apache server portal page.

All this being said - what are the initial steps one would take to start researching and tracing the origins of scams like these??

Thanks to all respondants, Be careful everyone ...