PayPal users who have received email messages like the one below, which claim a request to reset or change their account passwords have been submitted, are asked not to click on the link in the email messages. This is because the link or button in the fake email messages go to a phishing website looking similar to PayPal's website, where visitors will be asked to sign into with their PayPal account. But, any attempts to sign into the fake PayPal website will send the visitors' PayPal credentials to the cybercriminals behind the phishing scam, who will hijack the accounts and use them fraudulently.
The "PayPal Request to Reset your Password" Phishing Scam
From: PayPal Summary <u0HIesfpWv.W9T8jaWMQs.nAi4HLQ3vQ.ptXxNN1X@ L5qcYArpvA.9Be.uniprat.univercity-prapatan-kanguru. network>
Date: November 22, 2017 at 6:48:53 AM PST
Subject: [RE: [Notification Alert] A request was submitted to reset your password #(I41J4RXP7T)
Dear,
Reset password request
A request was submitted to reset your password () from our client area.
Details :
Date and Time : 0:48, 23 Nov 2017
IP Address : 65.92.81.47
Location : Honduras
Browser : FireFox
If it was not you or if you believe someone want to reset your password, please go to security center to update security settings
Go to security settings
Best Regards (PayPal Pte. Ltd.)
PayPal | Support | Privacy Policy
Copyright © 1999-2017 PayPal. All rights reserved
This is why it is important that PayPal users remember never to click on a link to sign into their accounts. They should always go directly to www.paypal.com and sign-in from there instead. Once they have signed into their accounts will be notified of changes and other important updates if there is any.This will prevent them from becoming victims of phishing scams, where cyber criminals steal their credentials, hijack their accounts, steal their money, and use their accounts fraudulently.
PayPal users who have already been tricked by a phishing scam, are asked to change their passwords and contact PayPal immediately for help.