Try and forward the email to spoof@paypal.com
They should get back to you and tell you if it's fake. I suppose a scam could setup "www.paypal-knowledge.com" as a fake site, but I'll be surprised if they would get a valid certificate for it. In the end the email is asking to upgrade the SSL certification on your server, which in itself can't effect your site security. But I suppose like you say tapping directly into your line or a virus and getting your paypal password could be possible, but if that was the case I think they would just sit there and wait for ALL your passwords. But even then any password entered onto a SLL site would still be encrypted and in theory useless to the hacker. The move to SHA-256 is to improve encryption and stop a computer decrypting information, there was a rumour that the less complex encryption had been broken, maybe this is why paypal are forcing SHA-256.
Is your server using SSL?
forward that email to the spoof email and let see what they say!
Is your server using SSL?
forward that email to the spoof email and let see what they say!