Scam Alert: PayPal fraud warning
Cyber con artists are posing as members of the PayPal security team investigating suspected fraud on a user's account in yet another phishing scam.
The message alleges that the recipient's PayPal account has been "limited" because a "number of suspicious activities have triggered our security system that shows that an unauthorised user tried to access your PayPal account with malicious intent".
Then follows an instruction to download a dodgy dossier that will no doubt try to steal your personal details - and ultimately your money
- from your computer.
The email reads: "We have sent you an attachment containing the necessary steps in order to restore your account to its normal state. Simply download and open it in your web browser."
In an attempt to reassure the message is genuinely from PayPal, it follows up with: "Please do understand that this is a security measure intended to protect you and your account. We apologize for any inconvenience."
At the very bottom of the message, the following line appears in smaller text: "Please do not reply to this email. This mailbox is not monitored by our staff. For assistance, you may log in to your PayPal account and click Help in the top right corner of the home page."
This, again, is an attempt by the fraudster to look legitimate. But the very fact that the email contains an attachment - something a real PayPal message would never contain - is the biggest clue to its bogus nature.
And unlike similar scam emails Moneywise has seen previously, the spelling and grammar used in the message is pretty good so it's not so glaringly obvious that the message is fake.
On the real PayPal website, the real web security team recommend anyone receiving what they believe to be a suspicious email to forward it to firstname.lastname@example.org.
"Our security experts will be able to look at the email to determine if it is a fake. If it is a fake, then we will get the source of the email shutdown as quickly as possible. By reporting these emails you will protect yourself and everyone else too," says the company.
What is 'phishing'?
PayPal explains it as follows: Phishing is an attempt to steal your information. Criminals pretend to be a legitimate business to get you to disclose sensitive personal information, such as credit and debit card numbers, bank information or account passwords.
Note that phishing emails can also lure you to open suspicious attachments or visit websites that can infect your computer with malware.
PayPal's advice for spotting scam emails is to look out for:
- False sense of urgency - many scam emails tell you that your account will be in jeopardy if something critical is not updated right away.
- Fake links - These may look real, but they can lead you astray. Check where a link is going before you click by hovering over the URL in an email, and comparing it to the URL in the browser. If it looks suspicious, don't click.
- Attachments - A real email from PayPal will never include an attachment or software. Attachments can contain malware, so you should never open an attachment unless you are 100% sure it's legitimate.
- If you are not sure whether a PayPal email is legitimate or not, here is what you do: Do not click on any link in the email. Instead, start a browser, go to PayPal and log in. If there is any urgent message for you, you will see it as you log in.
Phishing scams are typically fraudulent email messages from seemingly legitimate sources (your internet service provider, mobile phone provider, bank etc). These messages usually direct you to a counterfeit website or ask you to divulge private information (password, PIN, credit card numbers, or other account updates), which is then used to commit identity theft.
Issued by a bank as part of a current account and, in a nutshell, serves as electronic cash. Unlike a credit or charge card, where you get an interest-free period before you have to settle the bill, the funds spent on a debit card are withdrawn immediately from your current account. Unless you’ve arranged an overdraft, if you don’t have the cash in the account, you can’t spend it.
Used by the holder to buy goods and services, credit cards also have a monthly or annual spending limit, which may be raised or lowered depending on the creditworthiness of the cardholder. But unlike charge cards, borrowers aren’t forced to pay the balance off in full every month and, as long as they make a stated minimum payment, can carry a balance from one month to the next, generating compound interest. As the issuing company is effectively giving you a short-term loan, most credit cards have variable and relatively high interest rates. Allowing the interest to compound for too long may result in dire financial straits.