A scam targeting PayPal users might be in finding its way into peoples' inbox. A fake PayPal email aims to steal personal information from its victims.
NBC Connecticut's Troubleshooters talked to a man, who will be referred to as Bob, was targeted by the scam. Bob refused to give his real name out of fear that the scammers might get his name.
Bob recieved an email from someone claiming to be PayPal. The email came with a form attached and said the form was part of a security check.
"It said that my PayPal account was frozen until I filled out additional paperwork," Bob explained.
The attached form asked Bob to verify his name, social security number, mother’s maiden name, address and telephone number.
Here is an example of the form:
"It had the PayPal logo and I was thinking it was from PayPal," said Bob.
He was skeptical because of the personal nature of the questions asked. Bob noticed, the email address was from firstname.lastname@example.org and not from @PayPal.com.
After a quick phone call to PayPal, Bob was able to find out the email and the form were fake.
A PayPal representative told Troubleshooters the company wouldn't need to ask for that kind of information by email.
PayPal shared a few warnings signs they said are red flags someone is trying to scam you:
- Look for a Personalized Greeting: Companies will never send an email with the greeting "Dear User" or "Dear Member." Real emails will address you by your first and/or last name or the business name associated with your account.
- If you believe you have received a fraudulent email, please forward the entire email <including the header information> to email@example.com. We investigate every spoof reported. Please note that the automatic response you get from us may not address you by name.
- Don't share personal information via email: Companies will never ask you to enter your password or financial information in an email or send such information in an email. You should only share information about your account once you have logged in.
- Don't download attachments: PayPal will never send you an attachment or software update to install on your computer.
- Check for grammatical errors: No company e-mails will have any spelling or punctuation mistakes. Also, companies send e-mails in black font, not different colors (in this case, red).
- Check the e-mail address: Anything not from “@paypal.com” is a fraudulent address.
Below is an example of the email from scammers:
From: PayPal Services [mailto:firstname.lastname@example.org]
Sent: Tuesday, January 05, 2016 10:23 PM
To: Undisclosed recipients:
Subject: Online Account Verification
Please take a few minutes out of your online experience to know why we have limited the access (temporarily) to your account.
When PayPal limits your account, it means that you won't be able to do certain things with your account; you might not be able to send or withdraw money (temporarily).
PayPal may limit your account as a security measure to protect you and your account. Access limitation is taken as a pre-caution.
We have sent you a form through which you may download (see attachment). We kindly ask that you provide some information in regards to your account.
The account will be restored back to its normal state after you have provided the legitimate information in the form.
We would like to thank you for your attention to this matter.
PayPal Support Team