Most of us these days will have a PayPal account. It’s a great way to both receive and make payments online.
Given both the nature and popularity of this online financial service, scammers are always after your login details. With those details, cyber criminals can try to make unauthorised withdrawals and payments using your identity and your money.
Phishing is perhaps the most popular type of scam aimed at obtaining your PayPal details. This type of scam lures victims to spoof webpages designed to look like the PayPal login page. But they’re actually webpages that belong to criminals, and upon entering your login information to these pages, your details are transmitted straight to a scammer.
So, we take a look at a couple of PayPal phishing scams to help you spot those giveaways. Read this and you should be able to spot a PayPal phishing scam a mile away.
Let’s start with our first example.
The aim of criminals using PayPal phishing scams is to get your attention, often by alarming you to something wrong or unusual. This is why a popular modus operandi is for these scam emails to tell you that there is something wrong or unusual going on with your account. This could be informing you of an unusually large withdrawal or transfer, or – as above – telling you that something has gone wrong with your account, such as “suspicious activity”. As such, this is usually the initial red flag that the email may not be as it seems.
Sponsored Content. Continued below...
But there are other red flags here too. The example above begins with “Hello PayPal Customer”. However genuine PayPal emails will include your full name, since PayPal has that information (and criminals will probably not.) So watch out for emails that include generic greetings.
Perhaps the biggest giveaway though will materialise after you click the link within the email, since it will not take you to the PayPal website. You will be taken to a spoof website and this can be spotted easily enough by checking the web address, which would not start with PayPal.com.
This next example may appear legitimate at first glance since it looks professional and uses PayPal graphics. However you’ll notice the same red flags we discuss above. Your name does not appear in the email, clicking the link doesn’t take you to PayPal’s website, and once again the email is alerting you to unusual activity concerning your account.
We can add another red flag (that was also present in the first email too) and that is poor grammar, for example the error on step 3, using “your” instead of “you”.
But don’t go thinking that all PayPal phishing emails will be easy to spot. Some can be very convincing indeed – check out the below example.
This email looks legitimate and that’s likely because the criminals have copied and pasted the details from a real PayPal email into a fake one and sent it to you – meaning no obvious grammar errors and a very convincing layout.
This email appears to show a sales receipt from PayPal for a purchase on eBay. However the red flags are still there. The email still doesn’t include your name, and it is still luring you with unusual activity on your account (since you didn’t make such a purchase!) and the links in the email lead to a spoof webpage. And of course this email was detected by the installed Antivirus software, as apparent in the email header.
If you’re just not sure if an email is genuine, the important advice is to simply avoid clicking the links included in the email and head straight to the PayPal website (www.PayPal.com) directly to resolve any potential issues with your account.
This way you don’t need to click on links that could take you anywhere, and you’ll know that you are on the real PayPal website.