Quote Originally Posted by kpaske
Like nfpgasmask stated, the easiest way to identify bogus links in your e-mail inbox is to roll the mouse over the link WITHOUT clicking - the status bar at the bottom of your browser will show the ACTUAL ADDRES
There have been browser/email client bugs that allowed these jerks to spoof that, too. Doubly so if you have javascript enabled.

As others have said, NEVER click on a link or enter into a form from email. Go to your bank, paypal, ebay, whatever directly by your normal, trusted route and navigate from there. Nothing else is really safe.

I think Ebay has a nice page on how to look at your email headers to truly determine whether or not the message is spoofed. That said, I've even seen some rather convincing headers before, which in reality isn't that hard to do (but there's always some evidence unless you crack the spoofed site's DNS). I'm a Unix Sysadmin though, so I've been reading email headers for years. It's not for the faint of heart.