Your PayPal Account Was Deleted’ Phishing Scam

Your PayPal Account Was Deleted’ Phishing Scam

Outline
Email purporting to be from PayPal claims that the recipient’s PayPal account has been deleted and he or she must click a “Recover Account” link to get the account back.

Brief Analysis

The email is not from PayPal. The message is a scam designed to trick users into divulging their PayPal account login details to Internet criminals.

Example

Subject: Unread Message From PayPalThis message confirms that your PayPal Account was deleted.

If you didn’t delete your account, click on the link below to restore access immediately:

Recover account

PayPal Accounts can only be restored within a short period of time after deletion.

Sincerely,
The PayPal Accounts team

This email can’t receive replies. For more information, visit the PayPal Accounts Help Center.

You received this mandatory email service announcement to update you about important changes to your PayPal product or account.

© 2013 PayPal Inc.,

Paypal Account Deleted Phishing Scam

Detailed Analysis
This message, which claims to be from online payment company PayPal, informs recipients that their PayPal account has been deleted. The message claims, however, that recipients still have time to restore access to their deleted account by clicking a “Recover Account” button in the email. But, warns the message, the account can only be recovered “within a short period of time after deletion”.

The message is not from PayPal. The claim that recipients’ accounts have been deleted is untrue. The email is a phishing scam designed to trick concerned PayPal users into divulging their login information to cybercriminals. The scammers hope that at least some recipients, momentarily panicked into believing that their account has been deleted, will click the “recover Account” link without due caution. And, by suggesting that users must act quickly if they wish to recover their account, the scammers further increase the likelihood that victims will quickly click the link.

Those who do comply and click the link as instructed will be taken to a fake PayPal login page and asked to submit their account email address and password. They may then be automatically redirected to the genuine PayPal website. Meanwhile, the criminals operating the phishing scam can collect the stolen account details and use them take control of the PayPal accounts belonging to their victims.

Phishing is a very common criminal ruse and PayPal is regularly targeted. Remember that PayPal will always include your real name in any notifications that it sends. Emails claiming to be from PayPal that use generic greetings such as “Dear customer” or do not include a greeting at all, should be treated as suspect.

If you receive a suspect email, do not click any links or open any attachments that it contains. It is always safest to login to your online accounts by entering the account address into your browser address bar rather than by clicking a link in an email.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s