PayPal Phishing Scams: How to Avoid Online Scams in 2019
- Salman Ahmed
- December 20th, 2018
PayPal phishing is a new trend to trick customers. These Cyber thieves are sending convincing emails that look like official one to fool users and get all the information they want.
This is something very concerning since PayPal is popular for its reliability and secure transaction service globally. From bank account details to your home address, everything these scammers can get through phishing scams.
Lead malware intelligence Analyst at Malwarebytes highlights this vulnerable threat regarding these Phishing attacks. According to him:
“The scammers used a fake email address that is similar to PayPal’s official address except it is a complete hoax. In the illicit campaign, users are tricked into believing that a recent transaction they have made “could not be verified.”
(Christopher Boyd-Malwarebytes)
So without wasting more time lets start with gaining the knowledge regarding what kind of scenario indicate phishing scams and how to avoid it:
What is PayPal Phishing Scam?
Before looking into how to avoid PayPal Phishing scam, I think it is vigorously important what it is and what kind of language used by scammers to trick you:
Case 1# [New Transaction Statements] We’re letting you know: We couldn’t verify your recent transactions
Case 2# [New Activity Statements] [Account Hold] Re: Your payments processed cannot be completed
The cases mentioned above are two common statements used by scammers to get the access of your sensitive data. However, if you are good with language, you can see some serious grammatical mistakes in these spam emails.
Moreover, the appearance of these spam emails looks very similar to a genuine one. These PayPal phishing emails have all sorts of official appearance such as logo and signature. Here is the example of PayPal scam email:
At the very first glimpse, this scam email looks like the official one. Additionally, the email address “service@paypal.com” initials are similar to the real PayPal address. However, when you analyze it carefully, you will find out that the original PayPal address does not end at “.com,” but it has further long details too.
One more way to recognize the PayPal phishing email is by checking the URL of the button mentioned in the email. When you click on this “Verify Information Now” button, you will direct towards fake PayPal landing page. Here is an example of a fake page:
The URL this fake page shows is pretty similar to the official PayPal page. However, when you further investigate the URL, you will notice that this URL has nothing to do with the Official site. The fake URL looks like:
“https:/myaccounts-webapps-verify-updated-informations.epauypal.com/myaccount/e6abe”
With a URL like mentioned above, it indicates it’s a scam. Without a doubt, these PayPal scammers put strong efforts to make this fake website looks like the official one. However, there are still major loopholes provides proper evidence that this email and website are fake.
One more way to identify the email is a part of PayPal phishing scam by clicking on the “Resolution Center” button. When you click on the button, it will lead you to another page that will ask for your account and personal information. These forms will look like:
At this moment, users come at the point where they can lose all their sensitive data, which is horrifying. Without submitting the information by clicking on the confirmation button, everything you fill on the form might already be logged by scammers. Christopher Boyd explains this scenario very well in his publication:
“Sadly, anyone submitting their information to this scam will have more to worry about than a fictional declined payment, and may well wander into the land of multiple actual not-declined-at-all payments instead. With a tactic such as the above, scammers are onto a winner—there’ll always be someone who panics and clicks through on a “payment failed” missive, just in case. It’s an especially sneaky tactic in the run-up to December, as many people struggle to remember the who/what/when/where/why of their festive spending.”
More Scenarios That Indicate PayPal Phishing Scam & How to Avoid Them
Case1# Invitation to Open PayPal Account
If you are running a business as a seller and you do not have a PayPal Account, this may happen that scammers will approach you as a buyer. They will show interest in buying the products you offer and tell you that they will pay you via PayPal.
In this scenario, the best these scammers do to attract you is by placing bulk orders. Moreover, at this movement, you will see a huge amount of money is knocking at your door, and that’s where these scammers trick you.
When you tell them that you don’t have a PayPal account, they will you fake PayPal link that’s look similar to a genuine one.
But in reality, the scenario is different. These scammers have zero interest in buying your products. The only and only aim of these scammers is to indulge you in opening PayPal account through their offered URL. This is another type of PayPal phishing attack since the provided link will lead you fake PayPal form as I mentioned above earlier.
All the personal information you insert in this form will be directly monitored by scammers. Moreover, providing personal information to these scammers is dreadful. These scammers use all your data to hack your other financial accounts and make you beg.
How to Avoid This Type of PayPal Phishing Scam?
First, make your habit never access the link or address that mentioned in an email to register for online payment accounts. Always register by going to the official company website.
Moreover, always compare the spelling of URL mention in an email with the official one. At first glance, it might be the case that you can’t identify the difference between “PayPal.com” and “PayPal.com.”
Additionally, take assistance from your friends who are regular users of the PayPal website and aware of the official transaction process. In this way, there are higher chances that they will notice the difference in design or procedure and notify you on an immediate basis.
In short, without taking any risk always use the official PayPal website. So, if the buyer is not a scammer, he/she will put the request to process the transaction.
Case2# Deliver the Purchased Item to Unknown Address
This is another case of PayPal Phishing for the business person. In this case, buyers will request you to deliver the item to his/her friend or family member address. And they will make the payment through PayPal account and give you another address to deliver it.
Remember that PayPal never takes responsibility for goods that are not going to deliver at registered address with buyer’s PayPal account. So if you are a new user of PayPal services and you do not bother to read PayPal’s policy, then you are in serious trouble.
For the sake of sales, scammers will trick you by