According to an email that purports to be from PayPal, the company has declined your last transaction for your safety.
Supposedly, the transaction looked suspicious so PayPal limited your account for security reasons. The email claims that you must follow a link to confirm that you are indeed the account holder.
But, despite its appearance, the email is not from PayPal and your transaction has not been declined as claimed. Instead, it is a phishing scam designed to steal your personal and financial information.
If you click the “Confirm Now” button, you will be taken to a fraudulent website that has been built to emulate a genuine PayPal page. The fake page first asks you to log in with your PayPal email address and password.
Next, you will be asked to fill in a series of forms that request your credit card details, your name, address, and contact information, and other identifying information.
After you have submitted the forms, you may see a final message advising that you have successfully confirmed your account and lifted the supposed limitation.
Criminals can now collect the information you supplied and use it to take control of your PayPal account, fraudulently use your credit card, and attempt to steal your identity.
Always login to PayPal by entering the PayPal address into your web browser.
Remember that PayPal will always address you by name in notification emails. It will not omit this greeting nor will it use generic greetings such as “Dear Customer.
PayPal has published information on its website that helps users identify phishing scams.
An example of the scam email:
Transcript of the scam email:
We declined your last transaction for your safety We declined your last transaction for your safety As you know, your last transaction was recently declined. What you may not know is that it was because Your transaction looks suspicious or someone using your account without your permission so we limit your account. Let’s make sure it doesn’t happen again. For your safety, we must confirm you are indeed the account holder to prevent fraud.