A recent PayPal phishing attack is attempting to steal users’ account credentials and other sensitive information that can be used for identity theft.
The phishing campaign is actively being carried out in the form of text messages that are pretended to be from PayPal, telling users that their account has been permanently limited and asking them to click on a link to verify their account. Usually when a suspicious or fraudulent activity on an account is detected by PayPal, the account’s status is set to "limited," which puts temporary restrictions on activities such as withdrawing, sending, or receiving money.
By clicking on the link given in the phishing message, users are taken to a phishing page where they are prompted to log in to their PayPal account. Logging in on the phishing page would send the users’ PayPal credentials to the attackers and the phishing page would even try to collect further information from users, such as their name, date of birth, address, bank details, and more.
The collected information can then provide an opportunity to attackers for identity theft and they can even gain access to other accounts using that information.
Phishing scams in the form of text messages have become a popular fraudulent activity, and so users must be very careful when it comes to receiving text messages that may seem suspicious. Users are recommended to not click on any suspicious links and check the main site’s domain to first confirm if there actually is an issue with their account or not.
In case a PayPal user has mistakenly logged into their PayPal account or provided other information through the phishing page, then they must immediately change their PayPal password from the main site. Moreover, if the same password is used for other sites, it must be changed for those sites as well. It is also suggested that users monitor their credit report to make sure no fraudulent accounts are created under their name.
Another option for victims is to temporarily freeze their credit report to inhibit banks and other companies from issuing credit under their name.