Re: It's 2017 and you can still be pwned by a forged email header
"People opening mails from paypall.com or paypal.be (im assuming paypal dont own all tlds)"
They own paypall.com and paypal.be is "not available" so I guess they've got a lock on that. In general someone in Paypal's position will be pretty thorough at getting likely faked names under control. If they miss one and assuming verification were de rigeur then anyone wanting to use one would have to register it themselves and leave some sort of trail for fraud investigators. At present it's not a problem for spammers to simply put in paypal.com as I'm sure we've all seen multiple times.