Scam Alert: PayPal phishing emails

PayPal scams come in many different forms and typically include phishing emails, spoofed websites, suspicious links and malicious posts on social media. They are designed to look like official correspondence from the company with the aim to trick as many users as possible into disclosing sensitive information.

What to watch out for

Emails are currently being sent claiming to be from PayPal. These emails state the recipient’s account has been ‘limited’ as a result of a policy violation and ask for customers to update their account or check the security of their account by clicking a link in the email.

The links provided in the emails lead to genuine-looking websites that are phishing sites designed to steal PayPal login details, as well as personal and financial information from users.

• Be aware of any emails that ask you to provide personal information directly in response.
• Do not click on links or attachments in unexpected or suspicious emails.
• Be aware that scammers often use a false sense of urgency to prompt you to act.
• Scammers also tend to use impersonal, generic greetings such as, ‘Dear Customer’ or ‘Dear User’.

It is also worth bearing in mind that an official email from PayPal will always come from paypal.com. Always check the sender’s email address by clicking on the address bar and if the email address does not originate from the official domain, then it is likely to be a fake. Important PayPal communications to account holders are always sent to the secure message centre within their PayPal account and will have a message waiting if PayPal does need you to take any action.

What action should you take?

If you receive a phishing email, you should follow these steps:

• Report the email to National Cyber Security Centre (NCSC) by emailing report@phishing.gov.uk
• Forward it to spoof@paypal.com and PayPal will investigate it further
• Ensure you are using the latest software, apps and operating systems on your phones, tablets and laptops