Security Warning: Beware Of A New PayPal Phishing Scam

A new attempt to “fish” for your private, sensitive data is targeting your PayPal account via email.

Updated Mar 30, 2017Security

If you received an email lately stating that someone could be using your PayPal account without your consent – don’t disregard the possibility it might be a scam.

As in the following example, cyber criminals use deceptive tactics in order to lure you into their hands. They do so by using a familiar looking template pretending to be an authentic warning which calls for action, your action that is.


PayPal phishing email example

Nevertheless, there are some signs which indicate the above being fraudulent and not genuine, hopefully, you’ve managed to spot them yourself.

Let’s go over some of these signs, just to make sure you’ll stay on the safer side of the statistics, shall we? alright.

Phishy Email Indicators

– Finding an important message waiting inside your email’s spam box: modern email clients use wide range of security measures, many of which include smart filtering mechanisms that know how to differentiate between safe and scam emails (although mistakes can still be made).

Thus finding an important email waiting in your spam box should serve as a warning sign that something might be ‘phishy’.

– The sender’s address: it’s always a good idea to examine the sender address, as in the example above, we can see that the sender uses a non familiar domain = instead of the expected

– Execute attached file: it’s a very prominent warning sign when someone asks you to download and run something on your local system, let alone when it regards to your online PayPal account, which is obviously located online (and not on your local system).

– The email content: although the email does its best to resemble a familiar template you may have encountered in the past, certain nuances can still shed light on its authenticity, such as:

— The email doesn’t include any of your identifying details, not even your user-name, a datum you’d expect to be known to the authentic sender.

— The email mentions limitations were applied to your account – a rather easy claim to refute upon login into your account as you usually do.

— The email doesn’t contain any contact information for further inquiries.

What To Do?

In case you’ve encountered a suspicious email, a website or a suspicious SMS, there are a few measures you can take.

1. Stay cautious! don’t do anything rash so you won’t end up recklessly giving your bank-account / credit-card details to some non-reliable figure.

Think twice before filling out forms with some of your most sensitive details:


A PayPal-like phishing form that serves as a trap to steal your data

2. Verify! contact the sender’s company (PayPal in this case) and ask them to confirm whether they have sent you the message in question.

3. Report. Once you’ve reached a certain amount of probability that you’re indeed dealing with a scam attempt. Report it to prevent others from falling into the trap, and also, so that the attacker might be brought to justice.