InfoSec News & Investigations

Avoid these PayPal phishing emails

Join the Telegram channelTelegram

For the last few weeks, there’s been a solid stream of fake PayPal emails in circulation, twisting FOMO (fear of missing out) into DO THIS OR BAD THINGS WILL HAPPEN. It’s one of the most common tools in the scammer’s arsenal, and a little pressure applied in the right way often brings results for them.

Claim people are going to lose something, or incur charges, or miss out on a valuable service, and they’ll come running. Below is an outline of who these emails claim to be from, what they look like, and the kind of panic-clicking that they’re pushing. These are just a few examples; there are many, many others.

Common factors

Most of the mails we’ve seen claim to be sent from

Secure(AT)intl-limited(DOT)com

Or variations thereof, although the actual email being used is frequently just a mishmash of random letters / words / numbers. They also mostly make claims that your account is limited, or restricted in some way, or there’s been some unusual activity on your account and now you must  prove you were the one making (non-existent) transactions.

It’s very similar to this batch of missives from 2015, where scammers were after credit card / payment  details. Here’s some of the mails, to give you an idea of what to look out for. They are typically awash with typos, and we’ve not corrected any of their mistakes.

Click to Enlarge

Scam mails

Re: [Important] – Your account was temporary limited

We would like to inform you of certain modifications to our user contracts which concern you.

No action is required on your part. However, if you would like to know more, we invite you to consult our Policy Updates page where you will find the details of these modifications, in which cases they apply and how to refuse them, if applicable.

After a recent review of your account activity. we’ve determined you are in violation of PayPal’s Acceptable Use Policy. Your account has been limited until we hear from you. While your account is limited, some options in your account won’t be available.

Re: [Renewal of the Order Receipt] Sign Up for Bank Statement Updates use Google Chrome from Marshall Islands

Dear Customer Service

Your paypal account has been limited because we’ve noticed significanyt changes in your account activity. As your payment ptocessor, we need to understand these changes better. This account limitation will affectr your ability to:

Send or receive money

Withdraw money from your account

Add or remove a card & bank account

Dispute a transaction

Close your account

What to do next?

Please logi in to your paypal account and proviude the requested information thought {SIC} the resolution center

Re: Submitted : Statement update login with Google Chrome From Taiwan, Province of China

Your PayPal account has been limited

Dear Customer,

Our service is improving the security system for all PayPal account. The reason, many accounts have been hacked by someone to order an item using a credit / debit / bank card in account associated.

For the convenience and security of PayPal, we have limited all accounts registered.

PayPal is the safer, faster way to pay. To recovery your account, you can click the link button below and proceed with identity verification to prove that it is your account.

Re: Reminder: [Daily Report] [Update News] [System known] Update-informatie zie factuur van – Statement Update New Login

Your paypal account is temporarily limited

Hello client,

We noticed that you’ve been using your Paypal account in a questionable manner. To understand this better, we just need more information from you.

To ensure that your account remains secure, we need you to take action on your account. We’ve also temporarily limited certain features in your account

Currently, You won’t be able to:

• Send Payments

• Withdraw Funds

What should you do?

Log in to your Paypal account follow the steps and perform the required tasks.

RE: Reminder: [Daily Report] [Statement Agreement] We have sent notifications. Automatic updates 

Your account has been limited.

Hello, Customer

We’ve limited your account

After a recent review of your account activity, we’ve determined you are in violation of PayPal’s Acceptable Use Policy. Please log in to confirm your identity and review all your recent activity

You can find the complete PayPal Acceptable Use Policy by clicking Legal at the bottom of any PayPal page.

Help and advice for avoiding scams

PayPal has expanded its security resources in recent years. They now have a portal for multiple forms of suspicious activity, a section for reporting phish scams, and protection for buyers and sellers.

You can also check out part 1 of our 3-part Phishing 101 guide.

These emails won’t be drying up anytime soon, so please be on your guard and, as always, visit the PayPal website directly from your browser should you receive any messages claiming you’ve been limited or locked out. If it’s genuine, then customer service will be able to assist. If it isn’t, help both PayPal and everyone else by reporting the phish. It’s a win-win scenario.

The post Avoid these PayPal phishing emails appeared first on Malwarebytes Labs.

If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.

Want to Support the Site, Become a Patron!

Original Source