Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 121 - December 2011 - Page 21

PayPal 'Verify to Resolve Account Limitations' Phishing Scam

Issue 121 Start Menu

Previous Article            Next Article

Email, purporting to be from PayPal, claims that the recipient's account has been limited and that he or she must login via a link in the message to resolve the issue.

Brief Analysis
The email is not from PayPal and the claim that the user's account has been limited is untrue. Those who follow the link will be taken to a fake PayPal website that attempts to steal their login details and other personal and financial information.

Bookmark and Share
Detailed analysis and references below example.

Last updated: 11th November 2011
First published: 11th November 2011
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer

Verify Identity

Dear Customer,

You may have noticed that some limitations have been placed on you PayPal account. As a valued PayPal customer, we want to le you know what this means an how to resolve the situation.

What does it mean to have limited access?
Send money to other PayPal users
Request or receive money from other user
Edit or remove account details
Close your PayPal account

How do I resolve the issue?

The account limitation process helps to maintain PayPal as a safer way to buy and sell. It's similar to passing through a security checkpoint. When we limit an account we often simply ask the user to supply information to verify their identity , financial information or the merchandise they're selling.

Log on

PayPal aims to review account information within 48 hours so please aim to get the information to us as soon as possible.
Reviews are performed in the order they are received.

Yours sincerely,

Screenshot of scam email

PayPal Verify Identity Scam Email

Detailed Analysis
This message, which appears to come from online payment service PayPal, claims that the recipient's account access has been limited, supposedly as a safety precaution. According to the email, the recipient can resolve the issue by following a PayPal login link in the message and supplying information that will verify his or her identity.

However, the email is not from PayPal. The claim that the account has been limited is a lie designed to trick the recipient into following the link supplied in the message. In fact, the email is a phishing scam that attempts to trick PayPal users into divulging their account login details and other personal and financial information.

Those who follow the link will be taken to a sophisticated, but entirely fake "PayPal" website that has been carefully designed to mirror the real thing. The casual observer might find it difficult to notice any difference between the fake webpage and the genuine PayPal site. If the victim goes ahead and enters his or her login details on the fake webpage, the following "Confirm your identity" web form will appear. The form asks for the victim's name, address and contact details as well as his or her credit card information:

Fake PayPal Confirmation Form

Any information submitted on the fake website - including the user's PayPal login details - can be collected by the criminals running this phishing expedition. Once they have collected this information from their victim, the criminals can then use it to login to his or her real PayPal account, steal more personal information and make fraudulent PayPal transactions. They can also use the stolen credit card information to commit credit card fraud.

Although the bogus website looks genuine at first glance, a closer appraisal soon reveals telltale signs that skulduggery is afoot. Firstly, none of the navigation tabs or secondary links on the fake login page actually work. Secondly, the web address is not a genuine PayPal domain name. Thirdly, and most importantly, neither the login facility nor the online form use a secure (https) web address. No genuine website or online service would ask users to submit sensitive personal or financial information on a non-secure web page.

The scam email itself also employs an oft-used scammer tactic by disguising the link so that it appears to point to a genuine PayPal web address. While the login link in the message displays as "", the actual link underneath is in fact an entirely different address.

Because it conducts its operations primarily online and via email, PayPal has become an ongoing target for phishing scammers. Be cautious of any message purporting to be from PayPal that asks you to follow a link to supply personal or financial information. Always login to PayPal by entering the PayPal address into your web browser. PayPal has published information on its website that helps users identify phishing scams.

Bookmark and Share References
Difference Between http & https
Check Links in HTML Emails
Phishing Guide

Previous Article            Next Article

Issue 121 Start Menu

Pages in this month's issue:
  1. Bogus Warning - Scammers Asking for Baby Details to Claim Benefits in Your Children's Names
  2. False Claim - Cardiff City Football Club Refused to Donate Club Shirt for Fallen Soldier's Coffin
  3. Summer Chain Email - Blond Hair And Blood Shot Eyes
  4. Facebook Account Reported Phishing Scam
  5. Christmas Tree App Virus Hoax
  6. Sears Supports Reservist Employees Email Forward
  7. False Claim - Colour Photographs of Hitler Taken by American Life Photographer
  8. Budweiser Frogs Virus Hoax
  9. Phone Text Message Lottery Scams
  10. Skype TopUp Payment PayPal Phishing Scam
  11. Hoax - Mark Zuckerberg Blames Facebook Porn Attack on the Philippines
  12. 'DGTFX Virus' Email Account Phishing Scam
  13. Recent Facebook Porn Attack Highlights Dangers of Misleading 'Security' Warnings
  14. False - Send Christmas Cards for Recovering Soldiers to Queen Elizabeth Hospital
  15. Christmas Cards for Recovering American Soldiers
  16. Starbucks Coffee Free Gift Card Survey Scam
  17. Facebook 'Virus' Warning - 'Nobody can watch this for more than 15 seconds' Video
  18. Advance Fee Scam - British National Lottery Promo Programme
  19. Live Ants In The Brain Hoax
  20. Hoax - Albany Bread Poisoned by Staff
  21. PayPal 'Verify to Resolve Account Limitations' Phishing Scam
  22. Red Bull Car Adverts Money Laundering Scam
  23. Hoax - Facebook Shutting Down on March 15
  24. False Warning - Red Dot Inside a Red Square On Chocolate Bars Indicates That Product Contains A Pork Derivative
  25. IT Service Desk 'Scheduled Maintenance & Upgrade' Phishing Scam
  26. Abandoned Two Week Old Sydney Baby Prayer Request
  27. Protest Message - Prison Sentence for Spray Painting Poppy on Mosque
  28. Protest Message - Dog Named 'Parrot' Shot by Police
  29. Inaccurate Protest Message - Poundland and Bodyshop Banning Staff From Wearing Poppies
  30. Apple Store Account Phishing Scam