Outline:
Email purporting to be from PayPal claims that your account has not been updated as part of the company’s regular account maintenance and you must click an “activate” link to confirm your email address.
Brief Analysis:
The email is not from PayPal and the claim that you must click to update your account details is untrue. The email is a typical phishing scam designed to steal your PayPal login credentials, your credit card details, and other personal information.
Dear PayPal User
Our records indicate that your account hasn’t been updated as a part of our regular account maintenance. Our new SSL servers check each account for activity and your information has been randomly chosen for verification. PayPal Member Services strives to serve their customers with better and secure service
Step 1: To UPDATE your account, just confirm your paypal email address. (It only takes a minute.)ACTIVATE
Step 2. Failure to update your account information’s may result in account deletion and limitation at shopping on our portal.
RegardsPaypal Online Team.
Detailed Analysis:
According to this email, which claims to be from the PayPal Online Team, your account has not be updated as required for the company’s regular maintenance procedure. The email instructs you to click an “Activate” link to confirm your PayPal email address and update your account. It warns that, should you fail to update your information as requested, your account may be limited or deleted.
However, the email is not from PayPal and you are not required to click a link and update your account as claimed. In fact, the email is a phishing scam much like many that have come before it.
If you do click the “Activate” link, you will be taken to a fraudulent website that has been built to emulate the real PayPal login page. After you have “logged in” on the bogus page, you will be asked to complete an “update” form that requests your credit card numbers, your name, address, and contact details, and other identifying information. Next, you will be told that your update has been completed successfully.
Meanwhile, however, the criminals can collect the information you submitted and use it to hijack your PayPal account, commit credit card fraud, and possibly attempt to steal your identity as well.
When sending emails, PayPal will always address you by name, never “Dear PayPal User”, “Dear Customer” or other generic greetings. Be very cautious of any message purporting to be from PayPal that claims that you must click a link or open an attachment to update account details or fix an account issue. If you receive such an email, do not click any links or open any attachments that it contains. It is always safest to login to your PayPal account by entering the address into your browser’s address bar rather than by clicking a link in an email.
You can report PayPal phishing scam emails that you receive via the reporting email address listed on the company’s website.
Last updated: January 17, 2017
First published: January 17, 2017
By Brett M. Christensen
About Hoax-Slayer
References
PayPal ‘Your Account Is Temporarily Limited’ Phishing Scam
PayPal ‘Verify to Resolve Account Limitations’ Phishing Scam
PayPal – Report Phishing