Image ©: stevanovicigor /Depositphotos.com
One version of the scam, which is currently being distributed via email, falsely claims that PayPal couldn’t verify your recent transactions. The message, which includes the PayPal logo, asks you to click a button labelled “Verify Information Now” to rectify the supposed problem.
The email claims that this verification is required because PayPal has noticed some changes to your usual selling activity. It also asks you to confirm that you’ve changed your password.
The idea here is to panic you into clicking the verify button in the mistaken belief that your account has been compromised and the password changed.
If you do click as instructed, you’ll be taken to a fraudulent website that has been built to mirror the genuine PayPal home page. Once on the fake site, you’ll be asked to log in with your PayPal email address and password. Next, a fake account update form will open in your browser. The form will ask for your name and contact details, your credit card numbers, and other identifying personal information.
After you submit the completed form, you may see a final message claiming that you have successfully verified and protected your account.
But, now, the criminals can use the information you provided to take control of your PayPal account, commit credit card fraud, and attempt to steal your identity.
If you receive a message like this one, do not click any links or buttons that it contains. Remember that genuine PayPal emails will always address you by name. They will never use generic greetings such as “Dear Client” or “Dear Customer”. Nor will they omit this greeting or use your email address in place of your name.
The PayPal website includes information about how to recognize and report such phishing scams.
An example of the scam email:
Subject: New Transaction Statements – we’re letting you know : We couldn’t verify your recent transactions
This video from the Hoax-Slayer YouTube channel discusses a similar PayPal phishing attack: