Email claims that the recipient’s PayPal account will be suspended if he or she does not update account information.
False – The email is the first part of a scam designed to steal personal information.
Example:(Received August 2006)
Subject: PayPal Account Suspension Notice – PayPal Account Limited
Dear valued PayPal® member:
It has come to our attention that your PayPal® account information needs to be updated as part of our continuing commitment to protect your account and to reduce the instance of fraud on our website. If you could please take 5-10 minutes out of your online experience and update your personal records you will not run into any future problems with the online service.
However, failure to update your records will result in account suspension.
Once you have updated your account records, your PayPal® session will not be interrupted and will continue as normal.
To update your PayPal® records click on the following link:
[Link to fake website Removed]
PayPal® UPDATE TEAM
The phishing scam message shown above is typical of many other fraudulent emails that target users of online payment service, PayPal.
The scam email is formatted to look like a genuine PayPal message and includes official looking logos. The message warns recipients that their PayPal account will be suspended if they do not update their personal records. Recipients are instructed to click a link in the email to update their account. The message uses HTML to disguise the link so that it resembles a genuine PayPal web address.
Recipients who click on the bogus link are taken to the following fake PayPal login page:
Although the web page closely resembles a genuine PayPal page, it is in fact a fraudulent copy that tries to trick victims into entering their PayPal email address and password.
Once a victim logs in to the fake site, he or she is then asked to provide credit card details as shown in the screenshot below:
If the victim provides credit card details and clicks the “Submit” button, he or she is requested to provide other sensitive personal information on subsequent pages of the fake web form.
Information entered into the fake website can then be used by the scammers to access the victim’s genuine PayPal account, use the victim’s credit card and possibly even steal the victim’s identity.
Be wary of any email that asks you to click a link and provide sensitive personal information such as passwords or credit card details. PayPal and other legitimate companies do not request such information from customers in this way. To learn how to recognise phishing scams and effectively protect yourself from this sort of fraud, follow the link below.
The PayPal website also provides comprehensive information about PayPal related scams.