New PayPal scam
By Peter Andrews-Briscoe, on 15 December 2022
Recently, we have had seen a new kind of spam email being reported to us that is done over PayPal. These are messages from firstname.lastname@example.org (a legitimate PayPal address) but with a message about account activity that often involves large sums of money, telling you to phone a number if you do not recognise the activity. Here is an example of what this might look like:
The name, number, amount of money and what the “purchase details” will change from request to request. However, despite coming from a real PayPal email address, the message itself will be a scam. The phone number will be the scammer’s number, who will then try to gather more information on you.
Unfortunately, we can’t block these phishing attempts, as the phishing happens over the PayPal website. As such, please forward these emails on to email@example.com so they can investigate the account further.
How to distinguish between a real PayPal request and a fraudulent one
In general, if you receive an email from PayPal to your address that is not connected to a PayPal account, even if it comes from a legitimate PayPal address, this is almost certainly spam (unless you were expecting someone to request money from you). If your address is related to a PayPal account, you can still easily pick up on the signs that mark this out as a scam: notice how this is a money request from someone rather than a notification, and that it’s the person sending the request who has left the note. On top of that, you should always look up the phone number before phoning it back, and only phone the numbers on the PayPal website.