PayPal users who have received email messages claiming they need to take action to protect their accounts are asked not to follow the instructions in them. This is because the fake emails are phishing scams being sent by online scammers, and not by PayPal. The aim of the scammers is to steal the recipients' PayPal usernames, passwords, and credit card information, which they(scammers) will use to hijack their accounts and use them fraudulently.
The "PayPal You Still Need To Take Action To Protect Your Account" Scam
From: service - email@example.com
Date: May 15, 2020 at 1:13:56 PM CDT
Subject: RE: 🔒 Alert: Account Support Team - Please review the following new email we've posted. 號复
You still need to take action to protect your account. Until you do so, your PayPal account access will remain limited.
What's going on?
We noticed some unusual activity on your account and are concerned about potential unauthorised account access.
What to do next
Please log in to your PayPal account and follow the steps there to confirm your identity and recent account activity. To help protect your account, your account will remain limited. You won't be able to make or receive payments until you complete the steps.
Login to PayPal
If the instructions in the phishing scam are followed, the potential victims will be taken to a fake PayPal website and ask to sign-in with their PayPal usernames and passwords. They will then be asked to update their credit card information by entering it on the bogus PayPal page.
All the information entered on the bogus PayPal page will be sent to the online scammers behind the scam. Once they have their potential victims' PayPal credentials, they use it to hijack their accounts and use them fraudulently. This includes stealing money from their accounts, using their PayPal accounts and credit cards to make fraudulent purchases. Victims who have already entered their PayPal user names, passwords and credit card information on the fake website are asked to change their PayPal password and contact PayPal and their bank immediately for help.
Please note that PayPal will always address their users by name and will never refer to them using the following:
- Dear [Email Address]
- Dear PayPal customer
- Dear Valued Customer
- Dear Member
- Dear User
- Dear Customer
To avoid getting tricked by these phishing scams, PayPal users are asked never to click on a link in an email message to sign into their PayPal accounts. They should always go to www.paypal.com and sign into their accounts from there. After signing in, PayPal will display important messages or notifications to them.