Yet again, a PayPal phishing email scam is circulating through inboxes worldwide. Report it and delete it, so you don’t fall victim.
Be wary of these three-pronged PayPal scams. First, we highlight another story of a scammer trying to trick people into giving them their details.
Recently, someone was sent an email from PayPal saying, “You’ve received a money transfer,” but then they started looking into it further and discovered it was a phishing email scam.
When someone asks for payments through PayPal, you should start looking into their email account to see if there’s any reason why you shouldn’t pay them. Are they real?
For example, you can click on an email recipient’s name in Gmail to view their full email address.
Back to the original report, the email came from PayPal, so the personed opened it without fear. Inside the email, they saw that the sender was still PayPal. The email said that it was from a real name also.
But, several signs indicated this email was fraudulent. One of them was the misspelled word “fraudulently.” Another was the fact that there was a missing period after $799 and before 99. However, the most exciting part of the message was when they wrote, “$799.99 today.” They used two commas instead of one.
It’s common for scammers to use these mistakes because they make their messages look more legitimate. Another part of the email stated, “Please contact us immediately at 1-800-PAYPAL to cancel your order and receive a full refund.”
There was a space between the 800 and the other letter. Also, the word “cancel” appeared twice near the end of the sentence. This is because an urgent email might also include information about an upcoming deadline.
The bottom of the email contained a link to pay via PayPal. When clicked, it took the person to the PayPal website, where they could make my payment. But, of course, the URL looked like any other PayPal URL, so they didn’t think much of it.
But then, after clicking through the checkout process, they noticed something odd. Their PayPal account balance showed $0.00. That wasn’t right. They went back to their inbox and found the original email. Sure enough, the bottom of the email contained the same PayPal link. Clicking on it brought them to the PayPal site and displayed their current balance. They checked again, and sure enough, it said $0.00.
So What Happened Next In This PayPal Phishing Email Story?
Rather than doing anything with the message (like sending it to a friend), the recipient instead sent it to PayPal directly. Then, after verifying their identity with two-factor authentication, they could log into PayPal.
When they clicked on the transaction, they saw it had been canceled. However, the transaction was listed as pending when they first signed into the system.
After clicking on the “Help” link at the top of the page, they can navigate to the contact us section. From there, the person found the phone number for the customer service department.
After explaining the situation, the agent knew exactly what they wanted to talk about and assured them there would be no charge for this call. They were also given instructions on how to stop this service.
When you click on a requested payment, there are two options you may select: “Send Money” and “Cancel.” Unfortunately, they did not capture a screenshot before they canceled the request. However, they focused much more on revoking the request rather than sending the money.
After clicking the “Cancel” button, the person didn’t lose any funds. Then, they chatted with the PayPal agent for a few minutes and learned some things below.
It seems likely that any particular group did not specifically target the person. Instead, their email was just one of the hundreds of emails tossed into an ad campaign.
While the password used for this account was not one of their most frequently used passwords, some passwords have been all over the internet for decades, so they must be accessible to hackers.
Anyone can send someone else an email asking them to pay up. However, they must enter their PayPal account and click “Send” to start. It’s a significant component of what PayPal does, but it’s not recommended for most purposes.
Once that email address has been entered, PayPal does most of its work. This makes it quite ideal for phishers.
A payment gateway such as PayPal should not be used for payments unless it can guarantee 100% security (and if it cannot, then do not allow them to take your money).
Any website offering an online store should only accept payments via trusted third-party gateways such as PayPal, Google Checkout, or Amazon Payments. Otherwise, the site owner could find themselves liable for fraudulent transactions against their account (if someone manages to steal your credit card details and use them fraudulently).
Another sign of an email scam is when scammers ask you to contact them via phone. If they charge you for calling them back, then it’s probably a scam. For example, they might call you back, pretending to be from another country, so you pay for a long-distance call.
When someone receives an unsolicited phone call from a person claiming to be from PayPal, they’re likely to believe them because they’ve been tricked into thinking they were calling PayPal.
At this stage, scammed individuals are usually asked for sensitive personal information, which can then be used to launch further scams.
How To Protect Yourself From These Scams
The most significant advice is simply this: pay close enough attention! Don’t go through your inbox mindlessly, clicking to get through your email. Instead, be present and notice everything.
Protect yourself from online banking account theft by checking your bank accounts and your financial statements regularly. Next, watch out for fraudulent activity on your bank and personal accounts. And finally, if you notice any suspicious transactions, contact your bank immediately.
Concerning PayPal, know that PayPal will not initiate a transaction without your explicit approval. However, PayPal will send payments for subscriptions or recurring donations once you’ve permitted them.
Don’t click on any links in suspicious emails; don’t call any phone numbers you can’t verify independently; make sure your account has two-step verification.
Keep your computer up-to-date by updating your operating system and web browsers whenever they prompt you to do so and running good malware protection. All this can help you avoid falling for a PayPal phishing email scam and get it reported, so others don’t fall victim.