Most email scams are easy to spot but there is a new PayPal email scam that’s a lot better put together than the usual rubbish. The email looks very official and the stated purpose of the email is plausible. I can see a lot of people being caught out by it.
The email subject reads ‘Please update your information‘ and the sender’s email address appears to as firstname.lastname@example.org, which masks Support@PayPal-banque.com. Here is what it says:
We need your help
We need your help resolving an issue with your account. To give us time to
work together on this, we’ve temporarily limited what you can do with your
account until the issue is resolved.
We understand it may be frustrating not to have full access to your PayPal
account. We want to work with you to get your account back to normal as
quickly as possible.
What’s the problem?
We need a little bit more information about you to help confirm your
And here is how it looks:
Email Safety Tips
Follow these two quick tips to stay safe from phishing emails.
Check emails come from where they say they do
Check the sender’s email address uses the correct domain name that would be used by a genuine sender’s website e.g an email from PayPal support would come from email@example.com not firstname.lastname@example.org or email@example.com etc…
The easy way to check the sender’s email address is to click ‘Reply’ then look at the email address you’re replying to.
Never click links in emails from unknown sources
Links can be masked (as explained here). Links you see in emails or even on webpages can be made to look like they will take you to an official website when they really take you to an evil phishing site created to make you reveal your username and password.
For example, a text link might say ‘Login to your PayPal account‘, when you hover over the link the bottom left-hand-side of your web browser might show ‘paypal.com’ but clicking the link might take you to ‘gimme your username and password so I can fleece you of everything you have’.
If an unexpected email asks you to click a link to access your bank account, PayPal account, eBay account, Google account or any other type of account, don’t click it. Clear your browser cache and type the website’s URL into your browser’s address bar.
Please stay safe and please don’t give phishers, con artists and muggers any easy rides with your money and safety.