Home ScamsPhishing Scams PayPal ‘Credit Card Removed’ Phishing Scam

PayPal ‘Credit Card Removed’ Phishing Scam

by Brett M. Christensen

This story was first published on December 19, 2011

Outline:
Email purporting to be from PayPal claims that your credit card has been removed from your PayPal account and that you should follow a link to rectify the issue.


Brief Analysis:
The email is not from PayPal and your credit card has not been removed from the account as claimed. The message is a phishing scam designed to steal your PayPal account information and credit card details.

Example:
Hello [Email Address],
On May 29, 2017, you removed a card from your PayPal account.Any payments you authorized on this card before May 29, 2017 will be completed; however, no new payments will be processed on this card.Didn’t make this update?If you didn’t remove this card, Login here to your PayPal account and review your information as soon as possible. If you notice any unusual activity, please contact us immediately by clicking the Help Center link at the bottom of this email.
PayPal Removed Credit Carrd Scam

 

Example:
Subject: Your credit card information has been changed!Your credit card information has been changed.On December 13, 2011, your credit card has been removed from your PayPal account.You are receiving this email notification because this email address is listed as the administrative contact email for your PayPal account. If you belive this is an error, click the link below, log in to your PayPal account and follow the instructions.

[Link removed]

Please do not reply to this email. This mailbox is not monitored and you will not receive a response.

Sincerely,
PayPal

—————————————————————-

PayPal Email ID PP8116



Detailed Analysis:
According to this email, which purports to be from online payment service PayPal and sports a seemingly legitimate PayPal logo, your credit card has been removed from your PayPal account. The email claims that if you believe that the credit card removal is an error, you can click a link in the message and follow instructions to rectify the problem.

However, the email is not from PayPal. The claim that credit card details have been removed from the account is a lie designed to fool users into divulging information to cyber criminals.

People who fall for the ruse and follow the link will be taken to a fake “PayPal” website that has been carefully designed to mirror the genuine PayPal website. The casual observer might find it difficult to notice any difference between the fake web page and the real PayPal site. If the victim goes ahead and enters his or her login details on the fake web page, a second form will be displayed. The form asks for the victim’s name, address, contact details, and driver’s licence details as well as his or her credit card information:

All information submitted on the bogus website – including the user’s PayPal login details – can be collected by the criminals operating this scam campaign. Once they have collected this information from their victim, the criminals can then use it to hijack his or her real PayPal account, steal more personal information and make fraudulent PayPal transactions. They can also use the stolen personal and credit card information to commit credit card fraud and identity theft.

Because it conducts its operations primarily online and via email, PayPal has become a regular and ongoing target for phishing scammers. Be cautious of any message purporting to be from PayPal that asks you to follow a link to supply personal or financial information. Always login to PayPal by entering the PayPal address into your web browser. PayPal has published information on its website that helps users identify phishing scams.


Importance Notice

After considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.

These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.

Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.

And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.

When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.

I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.

A Big Thank You

I would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.

I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.

Closing Date

Hoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.

Thank you, one and all!

Brett Christensen,
Hoax-Slayer