The "Your PayPal Account has been used to Sign in to Account via a Web Browser" Scam
From: PayPal <noreply.eCqDRYbA.firstname.lastname@example.orgCqDRYbA.reply.icloud.com>
Sent: 20 April 2018 15:50
Subject: Re [New Statement Update] : Confirmation Activity Your Account Payment Summary Probelem On Case ID A00Y382938FH
We Need Your Help To Resolved Unauthorized Activities.
Your PayPal account has been used to sign in to Account via a web browser.
Date and Time: April 20, 2018, 09.20 PST
Operating System: Windows
If the information above seems familiar, you can ignore this message.
If you have recently not signed in to your account and believe someone may have accessed your account, log in to your PayPal Account and change your password as soon as possible
What to do
Log in to your PayPal account as soon as possible. We may ask you to confirm information you provided when you created your account to make sure you're the account holder. We'll then ask you to change your password and security questions.
You should also do the following for your own protection:
Check your account details (address, email, phone, etc.) to make sure they're accurate.
Review your account activity to make sure you recognize the transactions made recently.
Report any unknown or unauthorized activity. Go to the Resolution Center and click Dispute a Transaction.
Update Your Account
If the instructions in the phishing scam are followed, the potential victims will be taken to a fake PayPal website and ask to sign-in with their PayPal usernames and passwords. They will then be asked to update their credit card information by entering it on the bogus PayPal page.
All the information entered on the bogus PayPal page will be sent to the online scammers behind the scam. Once they have their potential victims' PayPal credentials, they use it to hijack their accounts and use them fraudulently. This includes stealing money from their accounts, using their PayPal accounts and credit cards to make fraudulent purchases. Victims who have already entered their PayPal usernames, passwords and credit card information on the fake website are asked to change their PayPal password and contact PayPal and their bank immediately for help.
Please note that PayPal will always address their users by name and will never refer to them using the following:
- Dear [Email Address]
- Dear PayPal customer
- Dear Valued Customer
- Dear Member
- Dear User
- Dear Customer
To avoid getting tricked by these phishing scams, PayPal users are asked never click on a link in an email message to sign into their PayPal accounts. They should always go to www.paypal.com and sign into their accounts from there. After signing in, PayPal will display important messages or notifications to them.