I received 2 emails tonight from PayPal for a charge...$450 or so, same product. Both emails were absolutely perfect and contained a PDF “bill” (didn’t open). Checking the header info, the emails were sent to an address I own...but not the address I use strictly for PayPal. Deleted them.
Smart move, and I guarantee you you’ll see it again.
One phishing attempt I got was how I needed to confirm my account/password for some site/account. It almost sounded legit. The sender’s address looked legit on the email app, but inside the email it was broken out and was some Korean-sounding name @ some Korean-sounding domain. No way. But I see how someone could be fooled long enough to fall for it.