[NaNaN]

A summary about phishing:

    1. Found you password with the same email address somewhere
     and ask if you still use that email address on another site.
    2. And get your IP, then login through proxy to bypass the security checking.
    3. Still, to know which email address is in use.

If you just worry, change you password right now without using their service. :P It may be good that every a few months some guys remind you to change passwords.

[broolstoryco]

Exactly what proxy would allow to appear to be using my IP address?

[netrus]

For many security checks, a proxy in the same country would be sufficient. They might only check if you log in from Asia and America at the same time.