PayPal is one of the most popular online payment systems in the world and a great option for sending and receiving money. Its worldwide fame makes it a very attractive hook for cybercriminals and hackers , who try at all costs to get a slice of clueless or inexperienced users. It is possible that at some point you have fallen into the trap and have ended up being the victim of some scam. If so, you have surely learned your lesson.
However, if you have still gotten rid of it, it is recommended that you know the most common types of scams in PayPal and what you can do to avoid them. You already know that all precautions are little to secure your account and protect it.
Phishing technique (the most used)
Phishing is a fraud technique created to steal a user's identity. It works by using fraudulent information to get sensitive information, such as passwords, credit card numbers or ID numbers, to be revealed. How could it be otherwise, PayPal is not spared from this fraudulent method , and from time to time many users report false emails that try to impersonate the online payment service.
One of the most widespread is an email that simulates the invoice and confirmation of an alleged purchase. In the body of the message, a link appears to be able to cancel the transaction, through which the user's personal data, the bank details that are linked to PayPal, as well as their password are requested. Keep in mind that the fake email comes from an email account not linked to the Paypal domains, nor to “@ paypal.es” or “@ e.paypal.es”. That is, it comes from strange addresses, such as "@ 0dx9xajinmqva90x1 @ sokserem.org" with the subject "Payment confirmation" or similar.
Some scammers put a fake address bar over the real one so that you think you are on the real Paypal page. But just because a URL contains the word "PayPal" does not mean that it is the legitimate site. If the URL looks too difficult, it is very possible that it is a fake website . Example: “//secure-paypal.com” or “//Hemingway.thjikll.com/reroute?dst=www.paypal.com+dxz=hj7679”. Real PayPal URLs start with “//www.paypal.com”. Sometimes the three w's can be substituted for other letters, but they should be followed by “paypal.com” right away.
Therefore, to avoid this type of scam, always make sure that the address comes directly from a real domain. In any case, if you ever doubt the authenticity of a link, manually type www.paypal.com in your browser to log in directly from there. Also, PayPal will never ask you for the following personal information in an email message:
- Credit and debit card numbers
- Bank account numbers
- National identity document numbers
- Full name
- Email addresses
- Passwords
Smishing (text message scam)
Phishing can also reach your mobile device via text or voice messages. This is known as smishing, which occurs when a scammer sends a text message to your phone number using a non-existent phone number or URL. The message type is usually like this:
“Your PayPal account has been suspended due to suspicious movements. Contact us immediately at (here a phone number, for example 1234 5678). We need to talk to you urgently. "
“PayPal: You have made a payment of 300 euros with PayPal. If you have not made this transaction, call us immediately at 1234 5678. Thank you ”.
If you contact that number, you are confirming to the scammers that you have a PayPal account. When you talk to the scammer, they will ask for your account information so they can log into it and steal it to get personal information. In this case, avoid these types of messages and check within your PayPal account if you have any important notice from the service. Delete those messages and contact PayPal's security experts at “[email protected]”. Inform them of what happened so they can give you directions to follow.
Vishing (voicemail scam)
Scammers sometimes use an automated system to make voice calls, reporting problems with the account and requesting information about the account. It is about vishing or scam through voice messages. We leave you an example of what you could hear in a call of this type:
“We call you from PayPal to inform you about a possible fraudulent transaction in your account. Enter your password to hear the details of the transaction. We need your immediate action to be able to block this transaction ”.
Once you have entered your password, the scammers obtain the necessary information to access your account. Therefore, never provide your account information to third parties, unless it was you who started the conversation. Never trust the identification of the caller, even if they tell you it is from PayPal. This is not enough to trust the call.
Note that sometimes automated calls may ask you to call back. They give you a number or allow you to call back with a single click on your device. Never call these numbers. If you have to contact PayPal, click on the Contact and help link on their website.
Problem with your PayPal account
Another very common scam is that of a possible problem with your PayPal account. In this case, you receive an email informing you that there is a problem with your PayPal account, or that it is going to be canceled. In this email there always appears a link so that you can directly access your account by logging in, and so you can see what is happening. Again, we have the same phishing scam , widely used for scammers to get our password.
Remember that PayPal will never ask you to enter your username and password through a link. It will only ask you to do it on its actual home page or in the official app. Again, always look at the email address that appears in the email and take into account the indications that we comment on in the Phishing Technique section.