‘You’ve Just Sent a Payment’ PayPal SMS Phishing Scam

SMS claims that you have just sent a payment via email and should click a PayPal link if you want to cancel the payment.

Brief Analysis:
The SMS is not a genuine PayPal payment notification. It is a phishing scam designed to steal your PayPal account login details, credit card numbers, and other personal information.

[Name Removed], You’ve just sent a payment to zap¿gmail.com Transaction ID :16H7741T90521A . To cancel the payment click here [ Link to fake PayPal website removed]

PayPal SMS Phishing Scam

Detailed Analysis:
According to this SMS, you have sent a payment to a specified email address. The message, which includes a transaction ID, advises that you can click a link that appears to go to PayPal if you wish to cancel the payment.

However, PayPal did not send the SMS and the claim that you have sent a payment to the listed email address is untrue.

In fact, the SMS is a phishing scam intent on stealing your personal and financial information. The criminals who sent the SMS know that at least a few recipients will actually believe that a fraudulent payment has been made in their names and will click the link in the hope of cancelling the transaction.

If you do click the link, you will be taken to a bogus webpage designed to look like a genuine PayPal page and asked to login. After you enter your PayPal email address and password, you will be taken to a second fake page that asks for your address, phone number, and date of birth. Next, you will be taken to yet another fake page that requests your credit card details and other personal and financial information. The forms claim that you must confirm your identity to cancel the payment:

Bogus Paypal web form

But, alas, all of the information you submit via the bogus website can be collected by criminals and used to hijack your PayPal account and commit credit card fraud and identity theft.

PayPal phishing scams are all too common and criminals are increasingly using SMS to reach potential victims.  Be wary of any email or SMS that claims to be from PayPal and asks you to click a link to cancel a payment, unlock a suspended account, update details, or fix a supposed problem with your account. Remember that genuine PayPal messages will always address you by name.

It is always safest to login to your PayPal account by entering the address into your browser’s address bar or via a trusted PayPal app.

PayPal has published information about how to report phishing scams on its website.

Last updated: April 20, 2016
First published: April 20, 2016
By Brett M. Christensen
About Hoax-Slayer

Cybercriminals Using Text Messages To Distribute PayPal Phishing Scams
Phishing Scams – Anti-Phishing Information
Report a suspicious email or website