There’s a new Paypal phishing scam to take note of and avoid!
How it works: An email, apparently from Paypal, suggests unauthorized changes have been made to your Paypal account. Potential victims are told their accounts have been flagged for suspicious activity. To avoid unnecessary charges and fees, victims are asked to update their bank account information, email address, password and other sensitive account information.
Although they appear authentic, complete with the Paypal logo, these dangerous emails are not legitimate, and are not from Paypal. They are from scammers who want to steal your money and your identity.
The links contained in these scam emails lead to hacker websites. With a simple click of their fake link, malicious software could be loaded on your computer or device. Or, they may link you to their hacker websites which look exactly like a Paypal login screen. Unfortunately, when you enter your username and password you are really giving them your signon which they can use to access your account. They can then steal your money, and drain your account!
Rule of thumb: Never click links in an email, which lead to a log in screen – no matter how authentic the email looks! Always close the email. Open a web browser and type in the real Paypal.com address. You will see a padlock on the address bar which tells you it’s safe and secure.
How to spot a fake:
- One clue to look for is broken English, misspelling and misuse of punctuation.
- Check the link in the email by hovering over the blue underlined hyperlink and looking at the URL (it may pop up next to it or may appear at the bottom status bar of your screen), if it looks suspicious do not click on it.
- Close the email and go to the real Paypal.com website. They may even have warnings on their site about the scam in question.
- Google wording from the suspicious email to see if anyone has reported on it being a scam (like we are doing here!)
- Here’s an example of a fake email:
Tips from Paypal.com on how to check for scam emails, and what to do if you’ve received one.
There are many telltale signs of a fraudulent email:
- A false sense of urgency. Many scam emails tell you that your account will be in jeopardy if something critical is not updated right away.
- Fake links. These may look real, but they can lead you into trouble. Check where a link is going before you click by hovering over the URL. If it looks suspicious, don’t click.
- Attachments. A real email from PayPal will never include an attachment or software. Attachments can contain malware, so you should never open one unless you are 100% sure it’s legitimate.
If you’re not sure whether a PayPal email is legitimate or not, here is what you do: don’t click on any link in the email. Instead, go to PayPal.com and log in. If there is any urgent message for you, you will see it here.
Stay vigilant. Monitor bank accounts regularly, especially during the busy holiday season. Write down all financial transactions made in stores and online to ensure they match your monthly statements. If you feel you have been targeted by scammers, contact Paypal and FORWARD the suspect email –– don’t cut and paste the contents, because valuable tracking information about the source will be lost to firstname.lastname@example.org, subject line intact.
We reported on a similar scam last year. Read more about how to spot Fake Paypal Emails in our article: FREE $100 from PayPal! Did you get THIS email?!