I've had a few similar recently just "confirming" my purchase of some random product but using pretty much identical to real PayPal design. Occasionally with clearly bogus foo.bar@gmail or similar reply-to address though at this point given decent account security on PayPal (password manager for password, 2fa, etc) mean I just assume that such emails are bogus until proven otherwise.
At the same time though I keep coming across companies that insist on using designs that trigger my "this is phishing" alarm bells because for whatever reason they insist on using links to the company that they contracted billing to instead of, you know, the company I did business with.
It seems especially prevalent among, of all groups that should know better, medical companies[1]. So say I had a visit with The Awesome Doctor Company, I'll get emails that for "privacy" reasons saying "You have a balance due at wedopayments.com", or "billing-awesomedoctorco.com", etc the latter being one of the most common things phishing emails do (I think I've actually got billing-paypal.com or similar at least once).
[edit:
[1] Ah ha, found the actual site, so remember I got an email saying "you have a balance due", that included no other details to peryourhealth.com. Which was for the company "East Bay Anesthesiology" (which I also didn't know of/about, but Sutter Health just silently outsourced that part of operation to them, didn't tell me, and then had them bill me directly and separately??!??!!? God I hate the US healthcare system)]
At the same time though I keep coming across companies that insist on using designs that trigger my "this is phishing" alarm bells because for whatever reason they insist on using links to the company that they contracted billing to instead of, you know, the company I did business with.
It seems especially prevalent among, of all groups that should know better, medical companies[1]. So say I had a visit with The Awesome Doctor Company, I'll get emails that for "privacy" reasons saying "You have a balance due at wedopayments.com", or "billing-awesomedoctorco.com", etc the latter being one of the most common things phishing emails do (I think I've actually got billing-paypal.com or similar at least once).
[edit: [1] Ah ha, found the actual site, so remember I got an email saying "you have a balance due", that included no other details to peryourhealth.com. Which was for the company "East Bay Anesthesiology" (which I also didn't know of/about, but Sutter Health just silently outsourced that part of operation to them, didn't tell me, and then had them bill me directly and separately??!??!!? God I hate the US healthcare system)]