** Spoof / Phishing Emails - Tips on how to identify & stay protected **

PayPal_Siobhán
Moderator
Moderator

Due to the increase in Phishing /Spoof Emails being reported to PayPal I thought I would post a few tips on this topic that might help.

 

You’ll know that an email is not from PayPal when:

 

  • The email uses a generic greeting like ‘Dear user’ or ‘Hello, PayPal member.’ We'll always address you by your first and last name.
  • The email requests financial and other personal information. A real email from us will never ask for your bank account number, debit or credit card number etc. Also we'll never ask for your full name, your account password, or the answers to your PayPal security questions in an email.
  • The email asks you to provide the tracking number of a dispatched item, before you've received the payment into your PayPal account
  • The email includes a software update to install on your computer.

 

Here are some security tips to help you stay protected online:

 

  • Even if a URL contains the word 'PayPal', it may not be a PayPal webpage.
  • When using PayPal, always ensure that the URL address listed at the top of the browser displays as https://www.paypal.com. The 's' in ‘https’ means the website is secure.
  • Look for the 'lock' symbol that appears in the address bar. This symbol indicates that the site you are visiting is secure.

 

If you think you’ve received a phishing email, forward it to spoof@paypal.co.uk and then delete the fake email from your mailbox.

 

Hope this helps,

 

Siobhán 

Login to Me Too
137 REPLIES 137

Hikki
New Community Member

I go the exact same email today as well. Like you I changed all my security settings and removed my credit card info. I luckily didn't put any information into the link they sent me because I logged in through my normal paypal link in my favourites folder and saw that there were 0 notifications.

 

To be safe I think I'll be holding off on using paypal for a week or 2 and leave my accounts info blank for that time.

 

Interestingly Outlook said that it was a trusted source despite their sender name being PayPai Service except with a capital i to make it look like an l

Login to Me Too

PayPal_david
Moderator
Moderator

Hi guys.

 

Thanks for letting us know.

 

Can you please follow the steps on how you can detect and report phishing emails to us here http://ow.ly/V71vI

 

Please let us know if you need anything else in future.

David.

Login to Me Too

PayPal_david
Moderator
Moderator

Hi guys.

 

Thanks for letting us know.

 

Can you please follow the steps on how you can detect and report phishing emails to us here http://ow.ly/V71vI

 

Please let us know if you need anything else in future.

David.

Login to Me Too

ahunter8056
Contributor
Contributor

I received this email today. Stupidly I didn't check the email address, and just saw the notice from Outlook telling me that it was a trusted sender, and so I stupidly assumed the email was genuine. I clicked on the link and filled in my username and password and hit enter, and that's when I realised my mistake. I glanced at the address bar, and saw that "paypal" was spelt "paypa". I instantly closed the tab. I logged into the genuine Paypal and instantly changed my email address and password.

 

I'm posting here to ask, now that I've changed my email address and password, is there any other way these scammers can gain access to my account, bank account and debit card? If so, what can I do to prevent this?

Login to Me Too

jojo302
Contributor
Contributor

I got the exact same message today and wasn't sure if I had maybe done something that I'd fogotten about, of if there was actually a hold on my account for a ligitimate reason. At first glance, the email looked very official and I admit that I didn't really read each line - just skimmed. My mistake! I should have noticed right away that the return sender's email address isn't even spelled correctly: "‎[removed]." Then, immediately I should've realized that the genuine paypal wouldn't have referred to me by my email address, instead of my name.

I clicked on the link in the email which took me to an authentic-looking paypal log in page (almost if not completely identical to the actual paypal log in page) and used my own user name to log in, which worked. Then I proceeded to begin "updating," my name and address information. But once I saw that it was asking for my social security number, I decided to stop. I searched paypal on Google, logged in and there I saw that there was no mention of my account being "limited" for suspicious activity, nor did it request that I update any information. Not only that, but it had my stored caard information already there, which the first page did not. Needless to say I immediately closed the first page. But what is strange is that my paypal user name and password worked to log me into the fake account. Now I'm concerned that I may have compromised my account so I'm going to have to close it to be on the safe side. 

Login to Me Too

Rarebear
Member
Member

I received an email from Account Suspended and immediately thought ' foul play '

Did not click on the link 'restore account'

 

Warning to All !!!

 

regards

rarebear

 

Login to Me Too

PayPal_Carlos
Moderator
Moderator

Hello Rarebear, 

 

Thank you for your post and welcome to the PayPal UK Community!

 

I am sorry to hear about this experience. You have done the right thing not to click in any links attached into that email. I suggest you to take a look into this article that will help you to spot genuine PayPal communications [removed]

 

Hope this helps, 

 

Carlos 

Login to Me Too

Theoneblueeyes
New Community Member

After getting my own 'your account has been limited' e-mail I read through this topic. My message was a little different, but basically it's the same thing. It looks professional enough to be from Paypal, but it was suspicious enough for me to not click the 'update your informations' button. Also, I checked my Paypal account and it's fine and when I opened the message the sender was listed as '‎[removed] (removed the actual address, but it really did end with outlook.com
'I've forwarded it to the e-mail adress mentioned in the article 'I received an email from PayPal-how do I know it's genuine?' 

 

So here is another version of it:

‎[removed]
             
     
 
           
 
 
 
 
Your Account Will Be Limited.
Recently, we have detected different logins to your account from different country followed by some illegals buys and we think that the hackers have hacked it, so we have suspended your account and we sent this message to this address in order to confirm your account information .

Here are some things you need to do.

Open your account by clicking to "update" button.
update your informations after logging in. We will give you 2 days to update your informations or we will suspend your account forever.

Sincerely,
Case ID Number: PP-003-113-315-639
‎[removed]
 
 
 
             
‎[removed]
 
How do I know this is not a Spoof email?

An email really come from PayPal must be sent from this address (removed because it's not allowed to post the e-mail adress, but it looked like the genuine sevice paypal address). If you receive any email from other address it will be usually an attempt at fraud. Also, fake emails often contain misspellings and grammatical errors or are written in a language which you did not set as preferred for your PayPal account. Remember not to click any links in suspicious looking emails.

[Notice] : If this email was sent to you in your Junk or Spam folder 
I ask you not to consider it as spam. This folder was mistakenly marked as spam by the restrictions implemented by your Internet Service Provider, we urge you to treat it genuinely.
Thanks .

 
This email was sent to‎[removed] because your email preferences are set to receive the PayPal Periodical newsletter and Product Updates. ‎[removed]

Copyright © 1999–2015 All rights reserved. PayPal Pte. Ltd. Address is‎[removed]

Consumer advisory - PayPal Pte. Ltd. the holder of PayPal's stored value facility, does not require the approval of the Monetary Authority of Singapore. Users are advised to read the ‎[removed] carefully.

 

 

Login to Me Too

Coletca
Contributor
Contributor
I've just received the 'Activity Limited' spam email.
Login to Me Too

Wichuda
New Community Member

Hi,

 

I've received this email and it looks weird to me. Is it fake?

 

 

You've received an instant payment

This e-Mail confirms that you have received an Instant payment of ฿18,200.00 THB
from Elizabeth [removed] via PayPal MERCHANDISE Payment Service.

Reversals : This method of payment can not be reversed.

Status : Pending reload Transport Company Awaiting Payment.


VisaMastercardAmerican ExpressDiscoverPayPalPayPal Credit
Summary of this invoice

Sent from Elizabeth [removed]


Title ฿ 6,200.00 THB
฿ 2,000.00 THB
฿ 10,000.00 THB

฿ 18,200.00 THB

Goods Purchased

Transport Company's Agent : Boyd Freight International Shipping Company

Name : Li [removed],
Address :[removed]
City : Beijing
Province : Beijing
Zip code : [removed]
Country : China

Once the money's there you can:
Spend the money online at thousands of stores that accept PayPal.
Transfer it to your bank account (Once the money's there).
Get a PayPal Debit Master Card.
The above sum includes the transport charges & tax as we and the Transport Company quoted for the buyer (as per PayPal MERCHANDISE PAYMENT POLICY). You will receive a Message from us shortly informing you on how to send the Transport Fee and Tax to the transport company.

 


PLEASE NOTE:
Questions? You may contact us by replying directly to this message >>For assistance
Thanks for using PayPal – the safer, easier way to pay and get paid online.
Please kindly reply to this email for help or status on this transaction. This mailbox is monitored and you will receive a response.
Copyright © 1999-2016 PayPal. All rights reserved.

PayPal Email ID PP307.

 
Login to Me Too

Haven't Found your Answer?

It happens. Hit the "Login to Ask the community" button to create a question for the PayPal community.