Days after Gmail users all over the world fell victim to a phishing scam, it seems that PayPal users are vulnerable as well as they are being targeted by hackers to give up login credentials.
According to this phishing scam, fake PayPal pages have been prepared to trap unsuspecting users into giving up their personal data.
The pages are highly convincing as baits because they look very real and trick the users into revealing the user login credentials and other personal details, which will assist hackers in getting into the accounts.
How Does The Scam Function?
Users receive an e-mail which includes the PayPal logo, a sophistically written message and even fine print to make the mail look real.
The e-mail informs the user that PayPal is planning to resolve some issues with their account and there are certain limitations imposed on the account till the issue gets fixed. The message also urges the user to log in immediately to solve the problem. The moment a user receives such an e-mail, he or she tends to panic ans hastens to resolve the issue and fix whatever is causing the trouble.
The login option provided in the e-mail takes the user to the supposedly official PayPal page. A clear look at the URL would reveal that the page is a complete hoax.
However, in their haste, once the user enters the login credentials into the system of the page, the data directly reaches the scammers.
The ensuing pages are the most dangerous ones as the users would have to insert all their personal details like address, phone number, social security number, date of birth and more, which the scammer can use to compromise the user's identity.
Moreover, the user shall not be allowed to interact with PayPal until all the data has been provided. Therefore, the user is fooled on the basis of urgency and is made to provide all the details.
How To Avoid These Traps?
These fake campaigns are well crafted. By studying the e-mail content and the URL closely, one may be able to determine that it is a fraudulent message. Therefore, it is best not to try to fix any of these supposed issues on PayPal by clicking on the tabs provided in the e-mail as it may or may not be real.
The user can open another PayPal page in a different tab. This could be the best way to crosscheck facts and see if there is any issue that needs an immediate fix.
Generally, the authentic e-mails send by PayPal will be addressing the user with his or her full name and would provide a detailed explanation as to why the issue is occurring. The genuine e-mail would also give the data that the user needs to provide to counter the problem.
Moreover, if there is a genuine issue with one's account, a user is required by PayPal to upload copies of bank statements and utility bills rather than feeding in the personal data by hand.
Photo: Steve Ganz | Flickr