Scam Alert: PayPal fraud warning

Cyber con artists are posing as members of the PayPal security team investigating suspected fraud on a user's account in yet another phishing scam.

Emails are sent from - rather than a PayPal address - informing the recipient it has "detected unusual charges to a credit card linked to your account".

The message alleges that the recipient's PayPal account has been "limited" because a "number of suspicious activities have triggered our security system that shows that an unauthorised user tried to access your PayPal account with malicious intent".

Then follows an instruction to download a dodgy dossier that will no doubt try to steal your personal details - and ultimately your money - from your computer.

The email reads: "We have sent you an attachment containing the necessary steps in order to restore your account to its normal state. Simply download and open it in your web browser."

In an attempt to reassure the recipient that the message is genuinely from PayPal, it follows up with: "Please do understand that this is a security measure intended to protect you and your account. We apologize for any inconvenience."

At the very bottom of the message, the following line appears in smaller text: "Please do not reply to this email. This mailbox is not monitored by our staff. For assistance, you may log in to your PayPal account and click Help in the top right corner of the home page."

This, again, is an attempt by the fraudster to look legitimate. But the very fact that the email contains an attachment - something a real PayPal message would never contain - is the biggest clue to its bogus nature.

And unlike similar scam emails Moneywise has seen previously, the spelling and grammar used in the message are pretty good, so it's not so glaringly obvious that the message is fake.

On the real PayPal website, the real web security team recommend anyone receiving what they believe to be a suspicious email to forward it to

"Our security experts will be able to look at the email to determine if it is a fake. If it is a fake, then we will get the source of the email shut down as quickly as possible. By reporting these emails you will protect yourself and everyone else too," says the company.

What is 'phishing'?

PayPal explains it as follows: Phishing is an attempt to steal your information. Criminals pretend to be a legitimate business to get you to disclose sensitive personal information, such as credit and debit card numbers, bank information or account passwords.

Note that phishing emails can also lure you to open suspicious attachments or visit websites that can infect your computer with malware.

PayPal's advice for spotting scam emails is to look out for:

  • False sense of urgency - many scam emails tell you that your account will be in jeopardy if something critical is not updated right away.
  • Fake links - These may look real, but they can lead you astray. Check where a link is going before you click by hovering over the URL in an email, and comparing it to the URL in the browser. If it looks suspicious, don't click.
  • Attachments - A real email from PayPal will never include an attachment or software. Attachments can contain malware, so you should never open an attachment unless you are 100% sure it's legitimate.
  • If you are not sure whether a PayPal email is legitimate or not, here is what you do: Do not click on any link in the email. Instead, start a browser, go to PayPal and log in. If there is any urgent message for you, you will see it as you log in.
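The checklist above can be applied mechanically to a saved message. The following Python sketch is an added example, not PayPal's or Moneywise's code: it flags a sender outside the expected domain, any attachment, the urgency wording quoted in the article, and links whose visible text mentions PayPal while the real target goes elsewhere. Treating `paypal.com` as the only trusted domain is an assumption, and all sample addresses and URLs are constructed.

```python
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = "paypal.com"  # assumption: the one domain genuine mail and links should use
URGENCY = ("limited", "suspicious activities", "unusual charges")  # wording quoted in the article

class Links(HTMLParser):  # collects (href, visible text) for each <a> element
    def __init__(self):
        super().__init__()
        self.found, self.href, self.text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        if self.href is not None:
            self.text += data
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.found.append((self.href, self.text.strip()))
            self.href = None

def in_domain(host, domain=TRUSTED):
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)  # rejects paypal.com.evil.example

def check_email(msg):  # returns the checklist warning signs that msg shows
    signs = []
    if not in_domain(parseaddr(msg.get("From", ""))[1].rpartition("@")[2]):
        signs.append("sender-not-paypal")
    if any(part.is_attachment() for part in msg.walk()):
        signs.append("attachment")
    body = msg.get_body(preferencelist=("html", "plain"))
    content = body.get_content() if body else ""
    if any(phrase in content.lower() for phrase in URGENCY):
        signs.append("urgency")
    parser = Links()
    parser.feed(content)
    if any("paypal" in t.lower() and not in_domain(urlparse(h).hostname) for h, t in parser.found):
        signs.append("deceptive-link")
    return signs

def sample(sender, html, attach=False):  # constructed message, not a real email
    msg = EmailMessage()
    msg["From"] = sender
    msg.set_content(html, subtype="html")
    if attach:
        msg.add_attachment(b"<html></html>", maintype="application", subtype="octet-stream", filename="steps.html")
    return msg
```

An empty result does not prove a message is genuine; the last item in the list still applies, so log in to PayPal directly rather than through the email.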

Your Comments

If there is any "scam", it is PayPal itself ...

Problem is that even when everything looks OK, one still can't be certain as to whether an e-mail is a scam.  I tend to play it safe by ignoring all unsolicited e-mails that request information unless one tells me to visit my account in a manner that is independent of the incoming e-mail.   I look forward to the day when all scammers and hackers are dropped from an aircraft without a parachute or blindfold!
Unlike the US we are far too soft on cybernet criminals when they're caught.

I have had many of these in my junk folder but always delete them without opening them.

The credit card companies don't exactly help. I was contacted by phone by someone claiming to be from Capital who said that suspicious activity had been spotted on my credit card and could I confirm some personal information over the phone.
Being a regular reader of Moneywise I told them that I did not give out personal information over the phone due to the high numbers of Scams and said I would contact the CC company directly.
It transpired that the call was from Capital but I was astonished that they were asking me to provide personal details over the phone as a result of an unsolicited call. Of all people they should have known better. This is exactly the behaviour scammers would use.

The banks play into the scammers' hands. They insist on sending stuff through the post even when asked not to do so. To make it worse, they have all the info, e.g. card numbers, addresses etc., there for the thieves to get hold of. I tackled them over this and they say there is no security issue here. I do not agree. I closed the account because of this and told them in no uncertain terms why.

I agree some banks at least don't help. I recently wanted to transfer some money from an old to a new ISA. The bank in question insisted on doing it over the phone, and that I would lose the offer unless I did it that day. I felt extra uneasy when they asked to phone me back - even though the reason was legitimate - I could not hear very well. But I could hear no better after. And the young man was not very professional at all. In fact it all went through OK. To be fair I had phoned the bank, but the customer service was very questionable. The money is safe however.

These scams are easy to spot. Firstly, they should address you by name. Secondly, check the bottom of the screen when you hover the mouse over a link. If the address is not kosher, it's a scam. Thirdly, ring or email the bank directly.
I forward, where possible, all scams to the associated bank and delete it from my email immediately! If a bank thinks there's something fishy about my account, I wouldn't accept an email on the issue!