- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yesterday I got an email on my business account from Paypal about a New Login to Paypal from an unrecognized device. It didn't look like a phishing email, it was from service at paypal, it addressed me by my name. I looked at the email headers, it has a valid SPF IP address, the DKIM signature was verified, it had a valid DMARC and it was encrypted. So all the marking of an authenticated email from Paypal. Paypal customer care is adamant they never sent me any emails, well I guess someone hacked Paypal's systems to send emails in that case. Then I had a very unpleasant conversation with the customer exec about trying to see how I can review my login activity. According to her it's corporate policy.
I'm shocked is that I can see my login activity, my IP address on this COMMUNITY FORUM settings page; but when I log into my Paypal business account I cannot see when/where the last few logins were from, which device, which IP address etc. A paypal run community forum will show this information but my paypal financial institution won't allow me to review my login activity to secure my account.
How do I get this information, it's rather basic that EVERYONE today provides business sellers to help secure their accounts. Is there a way to escalate this to the Product Management team or security team at Paypal to review and reconsider allowing users to reviewing their login activity in business accounts to help secure them? Is there an email? I'm guessing Management doesn't really care unless it becomes a public relations nightmare.
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Same thing here. Does anyone else use mint or something else connected to your paypal account? I noticed that the last update to my paypal balance in mint corresponded with the time that I got the email from paypal. Seems strange that an API connection would trigger a login notification as it's never happened in the past but that is my initial hunch.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I received the same email this morning. I ran the same test with the same results as well.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Just got this as well - it is extremely upsetting to not being able to view the IPs to verify whether these messages are legitimate or not.
If the message was legitimate, then it was absolutely an unauthorized login because it was a browser on an OS I have never used in my life.
I messaged support with a picture of the email showing the sender details and most of the body of the message. I would guess if it's happened to so many of us on the same day it is a sophisticated fishing attempt and advise that no one reply to or click any links in the message. Close the browser and open a new window, navigate to paypal, change your password, and enable 2FA if you haven't already (the authenticator apps are more secure than the text message, but either is better than nothing).
Most email providers now also have a "Report phishing" or similar option for emails that seem phishy, probably worth reporting until we get an answer on legitimacy.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Mine was today on a personal account but it also said Firefox OS X. I called and they knew about it so the message was generated by their system. But no damage done that I can see and we never use that browser. The rep was unable to confirm whether or not someone had actually logged in or not which is more than a little frustrating.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Same thing here. Does anyone else use mint or something else connected to your paypal account? I noticed that the last update to my paypal balance in mint corresponded with the time that I got the email from paypal. Seems strange that an API connection would trigger a login notification as it's never happened in the past but that is my initial hunch.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm suspecting it was Mint as well, as that's the only app/site/entity I've given my credentials to.
- « Previous page
- Next page »
Haven't Found your Answer?
It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.
- Is there anything I can do so that paypal review my documents until Monday? in Disputes and Limitations Archives
- Adding money from bank not doing anything in My Money Archives
- Was this a phishing email? in PayPal Basics Archives
- Negative balance not showing up in paypal after I log in in My Money Archives
- Are "Mayumiss" scammers? in Disputes and Limitations Archives