Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider


Site Navigation










PayPal 'Account Access Limited' Phishing Scam

Outline
Email purporting to be from PayPal claims that the recipient's account has been limited because PayPal needs more information to help provide a secure service.

Fraud Concept

© Depositphotos.com/ Illia Uriadnikov



Brief Analysis
The message is not from PayPal. It is a phishing scam designed to trick PayPal customers into divulging their account login details and other personal information to criminals.

Bookmark and Share

Example

 


Detailed Analysis


According to this email, which purports to be from online payment company PayPal, the recipient's PayPal account has been limited because of security concerns. The message claims that the company needs to ensure that the account was not accessed by a third party and has therefore imposed restrictions to protect the account.  It instructs the user to click a link to provide more information so that the company can provide a secure service and remove account restrictions.

The message includes the PayPal logo and what appear to be genuine PayPal web addresses.

However, the email it is not from PayPal and the claim that the recipient's account has been limited is a lie. Instead, the email is a phishing scam designed to trick recipients into giving their personal and financial information to online criminals.

Uses who fall for the trick and click either of the links in the message will be taken to a bogus webpage that is designed to emulate the genuine PayPal website.  Once on the fake site, users will first be asked to login by providing their PayPal email address and Password.

After submitting their login credentials, they will be taken to a second bogus webpage and asked to provide contact and identity details and credit card information, ostensibly to verify and secure their account.

All of the information supplied can be collected by criminals and used to hijack the compromised PayPal accounts and commit credit card fraud and identity theft.

When sending emails, PayPal will always address you by name, never "Dear Customer", "Valued PayPal Member" or other generic greetings.   Be very cautious of any message purporting to be from PayPal that claims that you must click a link or open an attachment to update account details or fix an account issue.  If you receive such an email, do not click any links or open any attachments that it contains. It is always safest to login to your PayPal account by entering the address into your browser's address bar rather than by clicking a link in an email.

You can report PayPal phishing scam emails that you receive via the reporting email address listed on the company's website.

Bookmark and Share

Last updated: November 29, 2013
First published: November 29, 2013
By Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams - Anti-Phishing Information
PayPal 'Verify to Resolve Account Limitations' Phishing Scam
PayPal - Send hoax emails to phishing@paypal.com.au