Emails that appear to be from PayPal claim that the recipient has purchased an expensive item via eBay and has sent a payment for the item to the seller.
The emails are phishing scams. They are not from PayPal. If you click the cancel payment link in the message, you will be taken to a fraudulent website designed to steal your PayPal login details and other personal and financial information.
According to this email, which purports to be from eBay, you sent a payment for a Fujifilm FinePix camera that you purchased via eBay. The email, which is professionally presented and features both the PayPal and the eBay logo, includes details about the supposed purchase and the eBay seller who allegedly supplied it.
Despite its appearance, however, the email is not from PayPal and the claim that you sent a payment to the listed seller is untrue. Instead, the email is a phishing scam designed to steal your PayPal account login credentials, your credit card details, and other identifying personal information.
As phishing scams go, this one is quite sophisticated. Instead of demanding that recipients click a link, this scam takes a more subtle approach. The scammers know that at least a few recipients, panicked into believing that their PayPal account has been used to make an unauthorised purchase, will discover and click the “cancel payment” link in the footer of the email. This approach may make the email seem more legitimate to many potential victims.
Moreover, the item listed in the email links to a genuine eBay listing. And the seller listed in the email is a real eBay seller. This adds further undue credibility to the email. In reality, the seller’s name and item listings have been hijacked by the scammers and used without the seller’s knowledge or permission.
If you do click the “cancel payment” link, you will be taken to a fraudulent website that has been designed to closely emulate a genuine PayPal login. After “logging in” on the fake site, you will be taken to a second page that asks you to supply your name and address details, your credit card numbers, your mother’s maiden name, your driver’s license number, and your date of birth.
After you hit the “Cancel Payment” button on the bogus form, all of the information that you supplied will be collected by criminals and used to hijack your PayPal account, commit credit card fraud, and steal your identity.
This “cancel payment” ruse is a common scammer tactic. Details in these emails vary considerably. Different versions will list different products, sellers, purchase amounts, and other details. But all of them are designed to trick people into clicking the “cancel payment” link and divulging their personal information to criminals.
If you receive an email that appears to be from PayPal and claims that you have made a payment you know nothing about, do not click any links that it contains.
It is always safest to access your PayPal account by entering the address into your browser’s address bar or via an official PayPal app. And keep in mind that genuine PayPal emails will ALWAYS address you by name. They will NEVER omit your name from the greeting or address you with a generic greeting such as “Dear Customer” or your email address.
PayPal has information about phishing scams and how to report them on its website.
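The two checks described above (a greeting that does not use your name, and an account-action link such as “cancel payment” that does not lead to PayPal) can be automated for a mailbox filter. The following is an added example, not part of the original article; the sample message, its host names, the keyword list and the choice of paypal.com as the only trusted domain are assumptions made for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message: names, hosts and wording are placeholders.
SAMPLE = """\
From: "PayPal" <service@paypal.example>
To: jane.doe@example.org
Content-Type: text/html; charset="utf-8"

<p>Dear Customer,</p>
<p>You sent a payment for <a href="https://www.ebay.com/itm/0000">this item</a>.</p>
<p><small><a href="http://account-review.example/c">Cancel payment</a></small></p>
"""
TRUSTED = ("paypal.com",)  # assumption: account actions belong on this domain only
ACTION = re.compile(r"cancel|dispute|log ?in|sign ?in", re.I)  # assumed keyword list

class LinkText(HTMLParser):  # collects visible text and [href, anchor text] pairs
    def __init__(self):
        super().__init__()
        self.text, self.links, self._open = [], [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self._open = True
    def handle_endtag(self, tag):
        self._open = self._open and tag != "a"
    def handle_data(self, data):
        self.text.append(data)
        if self._open:
            self.links[-1][1] += data

def on_trusted_domain(url):
    # Exact host or a true subdomain; a trusted name used as a prefix does not count.
    host = (urlsplit(url).hostname or "").lower()
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def review(raw, account_name):
    parser = LinkText()
    parser.feed(message_from_string(raw).get_payload())
    findings = []
    greeting = re.search(r"dear\s+([^,\n]*)", " ".join(parser.text), re.I)
    if not greeting or account_name.lower() not in greeting.group(1).lower():
        findings.append("greeting does not use the account holder's name")
    for href, label in parser.links:  # only action links; item links are ignored
        if ACTION.search(label) and not on_trusted_domain(href):
            findings.append(f"'{label.strip()}' link leads to {urlsplit(href).hostname}")
    return findings
```

The link to the genuine eBay listing is deliberately not flagged, because in this scam the listing is real and only the “cancel payment” link leads to the fraudulent site.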
Last updated: August 8, 2016
First published: August 8, 2016
By Brett M. Christensen