• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Jobs
  • Career
    • Cyber Security Training
    • Work from Home
    • Cyber Security Analyst
    • Remote Work – Six Ways to Keep Your Data Safe When Working Remotely
  • Field Guide
  • Newsletter Signup
  • Deals
  • News
AskCyberSecurity.com

AskCyberSecurity.com

Cyber Security News & Information

  • Home
  • Data Privacy
    • Gamers
    • Government Cyber Security
      • Legislation
      • Standards
        • What are the risks of computer security?
        • Medical Cyber Security
    • Social Media
  • Security
    • Data Breaches
    • Scams
    • Malware
  • Software
    • Apps
    • Web Browsers
  • Glossary
    • Cyber Security Acronyms
  • About Ask Cyber Security
    • Authors
    • Contact Us
  • VPN
    • How Do I Know If My VPN is Working?
    • Best Free VPN iPhone
    • Why Use a VPN?
    • NordVPN vs IPVanish
    • Private Internet Access Download
    • Best VPN for Streaming
      • TikTok VPN
    • VPN Porn
    • Computer Security Software – What You Really Need
  • Tutorials
  • ChatGPT
    • Does ChatGPT Save Data?
AskCyber Home » News » News » PayPal Phishing Scam Steals Accounts

PayPal Phishing Scam Steals Accounts

2021-01-18 by Michelle Dvorak

PayPal Scam Limited

Cybercriminals Impersonating PayPal to Steal Login Credentials

Cybercriminals are once again phishing PayPal customers attempting to steal their login credentials. The ultimate goal is to gain access to a users’ PayPal account to gain access to sensitive data including banking information that is saved in the profile.

In this PayPal phishing scam, victims are sent an email that informs them that their PayPal account is “limited.” A brief explanation says that this is because of an outdated profile. The victim is instructed to log in to their PayPal account to remove the limitation.

READ: PayPal How to Log Out of All Devices

“Because PayPal accounts are linked to credit cards and bank accounts, PayPal itself is a commonly impersonated brand from attackers hoping to steal that information from unsuspecting victims,” says the report on Abnormal Security

The phishing email appears to be sent from service@paypal.com. However it is really sent by from dion [.]ne.jp. This domain name and email address are not connected to PayPal in any way.

READ PayPal Users Can Now Buy Bitcoin, Ethereum, Litecoin

Cloaked Link

The phishing email message contains a link which attempts to trick the reader into thinking it takes them to a PayPal login page where they can update their profile and remove the limitation. However, the link is cloaked to hide a spoofed website which is not the legitimate PayPal website.

The spoofed PayPal login page impersonates PayPal – it looks the same. However, the domain name arferdimpex[.]biz is obviously not associated with PayPal.

When the reader is tricked and clicks on the link in the phishing email, they are directed to a credential harvesting website. The website impersonates the real PayPal website. It prompts the victim to enter in their PayPal login credentials including their password. If the victim enters their PayPal login, it is sent to  the cybercriminals and the PayPal account is compromised.

How to Avoid This PayPal Phishing Scam

  1. Always scrutinize any email sender’s email address – especially when the email is asking you to click on a link or download an attachment
  2. Never click on a link in any email (even if you think it is legitimate) to access an online account
  3. Go directly to the vendor’s website instead
  4. Beware of any email that urges you to act quickly. Scammers typically strike fear into victims by telling them their account has been locked, their password needs to be reset, or that there has been suspicious activity on their account
  5. When in doubt, call the email sender to confirm who sent the email

Filed Under: News Tagged With: PayPal

About Michelle Dvorak

Michelle writes about cyber security, data privacy focusing on social media privacy as well as how to protect your IoT devices. She has worked in internet technology for over 20 years and owns METRONY, LLC. Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. Michelle published a guide to Cyber Security for Business Travelers


LinkedInTwitterFacebook

Primary Sidebar

Subscribe to Our Free Newsletter

We Don't Share or Sell Your Info

Web Browsers

Where Are My Saved Passwords in Chrome?

Google Removes 70 Malicious Browser Add-ons from Chrome Web Store

Firefox 75 Reports Your Browser Settings to Mozilla

Categories

Cyber Security Field Guide

Computer Security While TravelingGet Our Cyber Security Field Guide - Available on Amazon!

Recent Posts

Security Marketing Manager – Remote

Sr. Associate, Cybersecurity Architect – Pfizer

Strategic Customer Success Manager – Cybersecurity – Opportunity for Working Remotely

Top 20 Passwords Leaked on Dark Web

ISU Cybersecurity Leader Job Opening

Cyber Security News

Top 20 Passwords Leaked on Dark Web

… [Read More...] about Top 20 Passwords Leaked on Dark Web

Apple Warns of Actively Exploited Zero-Day Flaw

… [Read More...] about Apple Warns of Actively Exploited Zero-Day Flaw

IRS Stops Facial Recognition System for Online Access

… [Read More...] about IRS Stops Facial Recognition System for Online Access

National Cybersecurity Alliance Announces Data Privacy Week

… [Read More...] about National Cybersecurity Alliance Announces Data Privacy Week

More Cyber Security News

Tags

amazon Android Apple bitcoin China chrome CISA credit card DarkSide DHS DOJ Equifax Europe Facebook facial recognition FBI Firefox FTC games GDPR Google Government hacker identity theft India iPhone Iran IRS LinkedIn Microsoft North Korea PayPal phishing phishing email ransomware REvil Russia smartphone T-Mobile TikTok tutorial VPN WhatsApp WiFi Windows

Government

CBP Looks to Access Airline Passenger Data

FTC Releases Cyber Threat Video Playlist

Malware Found on US Government Funded Phones

UK NCA Reaches Out to Youth to Deter Cybercrimes

More Posts from this Category

Footer

Menu

  • Home
  • About
  • Authors
  • Newsletter Signup
  • PRIVACY POLICY

Search

Why Use a VPN?

NordVPN vs IPVanish VPN Review

NAVIGATION

  • Data Breaches
  • Data Privacy
  • Gamers
  • Scams
  • Malware

MEMBER NJCCIC

New Jersey Cybersecurity & Communications Integration Cell

STAY CONNECTED

  • Facebook
  • Instagram
  • Pinterest
  • YouTube
  • Twitter
  • RSS

Copyright © 2023 · AskCyberSecurity.com · METRONY, LLC

Go to mobile version