Sneaky phishing emails warn that your account has been suspended, ask you to confirm your email or claim that you’ve added a new phone number.
These phoney emails carefully use PayPal’s logo, branding and other crafty tactics to try to catch you out, but there are some giveaways that expose these scams.
Find out how to spot, avoid and report these scams.
This sneaky scam is hard to detect. It claims that your account has been suspended, which could immediately spark panic and cause you to react.
The email appears to come from a legitimate 'email@example.com' email address, but if you take a closer look you will see that this isn't the case.
Scammers often mask their email address to make the email appear genuine, this is known as spoofing. Here you can see that the true sender is a nonsensical mess of letters, and the true email domain that's revealed is not a '@paypal.com' but '@googlegroups.com'.
The email also includes a dodgy link to 'Login to PayPal'. We don't recommend clicking on suspicious links in emails, but for our research, we took a deeper look at this link which appeared to go to a LinkedIn page.
The link then redirects you to a scam website called 'oximade.com', which the security filters on our browser warned us may contain dangerous content or software to steal personal and financial information.
This email opens with PayPal's logo and is titled ‘Confirm your email’.
It then states: ‘According to our records, Some information on your account appears to be missing or incorrect because some unusual activities may have accessed your account.
‘We require additional information from you everytime your account try to sign in to a new device,’
‘Click the button below, follow the instructions and we will update you with our final decision.’
It may look official with PayPal's logo and brand style, but an easy giveaway here is that the email is poorly written with a number of grammatical errors.
Scammers can easily spoof email addresses to mask the identity of the true sender. While an email like this one may appear to come from PayPal, if you examine the sender's email address you'll see that it comes
Always be on your guard against any emails claiming that details on your account need changing or confirming if you haven’t requested this yourself - especially if you're asked to follow a link to confirm your details.
If you do receive an email like this, it’s best to check your account with PayPal directly to see if there have been any recent changes to your account.
Typically, PayPal will need to confirm your email address once you have initially signed up and won’t ask you again.
Another PayPal email scam doing the rounds tells you that a phone number has been added to your account.
It says: ‘Your phone number helps us reach you quickly and ensures your transactions are more secure. If you made this change, great!’
It then includes a blue button with the words ‘No it wasn’t me’ which invites you to click on a dodgy link.
It's hard to easily spot the scam in this email. However, it's important not to click on links in emails like this and instead, cross-reference the email’s claims by logging into your PayPal account.
We have reported all of these scams.
PayPal has confirmed that these emails aren’t from them and say that genuine emails will always address you by your first and last name.
On its website, PayPal states that emails are the typical method it uses to contact customers.
PayPal advises you to check that the email is sent from a genuine PayPal email address and always verify information given in emails with your PayPal account. You can forward suspicious emails to firstname.lastname@example.org.