Seemed a simple enough question? Contacted you via e-mail, phone call, public shouting, courier pigeon?
Oh right, didn't get that. Anyway, it was some time ago so I'm not sure if I got a warning mail, probably yes. But after logging in it took me through the verification process. Yes, it was paypal website, with valid certificate. And there wasn't no activity on that credit card either.
I never made that accusation. Some of the scams I see bombarding us are now becoming increasing sophisticated and authentic in appearance. As for sending scanned copies of documents, where is that file now? Is it the only copy? If identity thieves get a hold of that plus publicly available details they have scored a home run.
I know you didn't, just kidding. Yes there are sophisticated scams, but I do not know of anyone with quantum computer that can break paypal's certificate private key. (Although, some cheap cert authorities will sign anything, I saw a blog post where someone got google.com signed for a few bucks. Yes, that CA was/is probably in your browser's root list. That's why you should check every cert you use, or remove some CAs from the root list.)
About the documents, no idea where they are. I just checked my scanned images and since I don't scan much stuff I was able to find that, looks like I only went with the bank statement (you could do either, or even utility bills or something) so no passport. I blacked out my transactions, left only the relevant stuff.
The account is dead, since I can't even close it. The files are probably living on some paypal server, waiting for review ... Maybe they automatically delete them after some time, no idea. There still might be backups of it that will stay forever but I wouldn't bother backing this up, no idea what they policies are.
But I couldn't care less, they have my name, address (which you could get from whois on a domain I own, dozens of online shops know it, ...) and info about expired credit card. That is all worthless information so I just let it go, made a new account with new card and try to avoid "suspicious activity" like you know, buying stuff
to get the picture... i frequently got an email saying my bank account is suspiciously being hacked. and in the email they provided the link to log in to confirm your identity. sure you can click on the link. but when the new windows popped up, if you check the address above, its not https:\\www.mybank.com, but instead http:\\www.scammersite\readytoread\andhack\yourpassword.com. the interface is 100% identical as the real bank site. once you entered your password, it will be stored in the scammers database ready to be processed/hack in the line. and the next thing you see on the screen, is some excuse like "oh sorry f*ck! we cannot process your password!" got it? the solution is, always change your password from time to time, it will make your previous password useless to the cracker.
Yeah, this is still a big thing, especially for not very savvy users. Browsers try to warn you if you are entering password over http, if the certificate isn't valid, or is self-signed. I think gmail warns you if the mailserver the message came from and the sender header don't match. But it is still a pretty easy think to do.