Paypal warns users about latest phishing attempt

An exterior view of eBay/PayPal offices in San Jose, Calif., is seen, Wednesday, Jan. 19, 2011.Paul Sakuma — The Associated Press file

By Tim Simko, The Morning Journal & The News-Herald

POSTED: 01/31/17, 4:21 PM EST | UPDATED: 2 HRS AGO

0

This March 10, 2015, file photo, shows signage outside PayPal’s headquarters in San Jose, Calif.Jeff Chiu — The Associated Press file

Paypal explains how to identify phishing

An official email from Paypal will never ask a user to do the following through email:

1. Send an email to: “Undisclosed Recipients” or more than one email address.

2. Ask a user to download a form or file to resolve an issue.

3. Ask to verify an account using personal information such as name, date of birth, or address.

4. Ask to verify an account using bank account information such as bank name, routing number, or PIN number.

5. Ask to verify an account using credit card information such as credit card number or type, expiration date, or ATM PIN number.

6. Ask a user for security question answers without displaying each security question that was created

7. Ask a user to ship an item, pay a shipping fee, send a Western Union Money Transfer, or provide a tracking number before the payment received is available in the transaction history

— Courtesy spoof@paypal.com

Fraudulent emails are showing up in Paypal users’ email inboxes in an attempt to gain a users information, according to Paypal.

How to report suspicious activity to Paypal

Paypal recommends the following for reporting suspicious activity:

1. Open a new browser or tab and type in “www.paypal.com”;

2. Log in to the PayPal account in question.

3. Click “Activity” near the top of the webpage.

4. Click on the suspicious transaction to expand the details.

5. Click “Report this as unauthorized”

6. Complete the report process on the next screen.

— Courtesy spoof@paypal.com

The email is designed to look like an official Paypal email and says that it is confirming that a new email address has been added to the user’s Paypal account and that if the user didn’t add the new email to let Paypal know.

The email also contains links to what looks like an official Paypal website. Once on the website, an unsuspecting user is expected to enter their account information immediately to try and access their account.

According to an email from Paypal’s security experts at spoof@paypal.com, 90 percent of all email worldwide falls into the spam or phishing category.

Advertisement

“By submitting reports of suspicious email to us you are helping to address this problem,” Paypal said in a statement.

If an email seems suspicious, the security team recommends opening a new tab or window in a web browser and typing paypal.com to ensure that a user is on the legitimate website.

“Any time you receive an email about activity to your Paypal account, the safest way to confirm validity is to login directly to the Paypal website and review the relevant section,” Paypal said.

The company said it will never directly ask for personal banking information through an email or ask for answers to security questions without displaying each security question that was created, according to the statement.

The company will also never ask a user to ship an item or send a Western Union money transfer.

If a user believes an email may be suspicious, it can be reported at the Paypal Security Center or the email can be forwarded tospoof@paypal.com and the Paypal Security Team can help determine the validity of the email and try to deter the fraud.

“We take reports of suspicious email very seriously,” Paypal said.

SUBSCRIBE TO HOME DELIVERY AND SAVE!