Email purporting to be from PayPal threatens that, if you do not update your information within 72 hours, your PayPal account will be closed.
PayPal did not send this email and your account is not set to be closed as claimed. The email is a phishing scam designed to steal your personal and financial information.
At first take, this email may look like it really was sent by PayPal. It features the PayPal logo, is professionally formatted, and includes PayPal copyright and address information in the message footer. The email warns that you, dear customer, will have your PayPal account closed within 72 hours if you do not perform an update. Supposedly, some information on your account is missing or incorrect. Thus, claims the email, you should promptly click a button to complete the update and stop PayPal from limiting your account.
But, despite its appearance, the email is most certainly NOT from PayPal. It is instead a phishing scam designed to steal your personal and financial information.
If you click the nicely rounded blue ‘Check it Here’ button you’ll be taken to a webpage that closely mirrors the genuine PayPal site. Like the scam email, the fake webpage features PayPal logos, formatting, and other secondary elements designed to make it appear legitimate. But, there is certainly nothing legitimate about the login box, which is the central element on the page. If you enter your PayPal email address and password into the login box, you will be taken to a second – equally bogus – webpage that asks you to supply your credit card details, name and contact details, and other personal data, ostensibly as part of the update process. After submitting the requested update information, you may be taken to a final fake page that states that the update is now completed and you have therefore successfully avoided the threatened account closure.
So, having gathered all of the information you supplied via the fake website, what might the criminals do with it? Well, they may gain access to your PayPal account using the login details you gave them. Once in your account, they can conduct fraudulent transactions in your name and use the account as they see fit. And, they can use your credit card details to conduct yet more fraudulent transactions. Moreover, they may be able to use the information you supply to steal your identity, a crime that can have very serious and ongoing repercussions for victims.
Unfortunately, PayPal phishing scams like this one are all too common. In fact, I discussed a scam very similar to this one quite recently. The earlier variant was presented a little differently and claimed that your PayPal account had ALREADY been closed. But the outcomes for victims is pretty much the same for both versions.
Because PayPal conducts almost all of its business via the Internet and email, its customers are a favourite target for phishing scammers. And some of these phishing attempts are now quite sophisticated. To avoid being caught out by such scams, always login to your PayPal account by entering the address into your browser’s address bar or via a trusted PayPal app rather than by clicking an email link. Keep in mind that PayPal will NEVER send you a threatening email that demands that you click a link to update your details or fix a supposed account problem. Furthermore, genuine PayPal emails will ALWAYS address you by name. They will NEVER use generic greetings such as ‘Dear Customer’.
The PayPal website includes information about how to recognise and report phishing scams.
Thanks for reading this far! While I’ve still got your attention, and since we’ve been discussing fraud and identity theft, perhaps you might consider jumping over to Amazon.com and checking out Hoax-Slayer’s eBook Protecting Yourself from Identity Theft, Internet Scams & Phone Scams.
Proceeds from the book really help to support Hoax-Slayer!
Last updated: March 17, 2016
First published: March 17, 2016
By Brett M. Christensen