Thursday, February 2, 2023

The Latest Paypal Scam - Be Careful!

 Today I received an email that is in the image below. I have been monitoring and reporting on scams for decades, so I feel like I've seen it all. And mostly I have.

Scams are kind of like viruses - the basics are recognizable but there are an endless variety of always emerging variations - all with the goal to evade identification and trick people into the scam. Get their money. Get their personal information so they can sell that. Money. It's about them stealing your money. However they can.

The Paypal scam has been around a LONG time. They have, in the past, sent a fake email that looked like a real paypal email either sending you a [fake] invoice or saying you've received money [you haven't] in order to get your login details (and then they clean out your Paypal account).

So I wasn't surprised to see this scam email in my inbox. Here, let me show you an image:


I hovered (notice how I said HOVER... never ever ever click on these links in the email) over the FROM email and in the old days, that would look like a fake Paypal email address and I would know right then. But this email looked like a real Paypal email address. 

So I kept looking. The next thing actually gave it away but I decided to open a brand new browser and log into my Paypal account myself. But let me show you what gave it away.

I hovered over that TINY link highlighted in the below image.


That was NOT a Paypal address when I hovered over it so bingo - it's a fake email.

If you call the phone number in the fake email, it is likely NOT a legitimate phone number. It's the scammer themselves. Often they will have a foreign accent (no red flag there for customer support people) but often you will hear traffic and noise because the scammer is just walking somewhere. If you continue with the call, they will tell you oh dear - that sounds like a fake email, give me your login details and I will confirm (at which point they will log into your account and clean it out). 

As Paypal now uses Two-Factor Authentication now (sends a code to your phone on file), the scammers will then tell you - oh dear, sounds like your computer has a virus (or security problem) and they will then shift you to the classic scam that traditionally has been fake "Microsoft Support Technicians". So you can see this is just a variation on that. Don't give your login details to ANYONE.

So at this point, this is a pretty classic fake Paypal scam email. I can just delete it and move on with my life.

But I want you to know more about how this scam has evolved. In some cases, the scammers will actually have an actual Paypal account and use the Paypal system itself to send a made-up invoice but it looks real because it IS coming from the Paypal system. They then follow-up with a fake email so they can put a fake customer support number in the email (and now you are back to the above flow if you call the fake support number and they tell you there is a security problem on your computer). It's tricky because there IS an invoice in your real Paypal account.

The fake follow-up email might look something like this:

Note from Billing Department of PayPal:

There is evidence that your PayPal account has been accessed unlawfully. $1,000. 00 has been debited to your account for the Walmart eGift Card purchase. This transaction will appear in the automatically deducted amount on PayPal activity after 24 hours. If you suspect you did not make this transaction, immediately contact us at the toll-free number [redacted] or visit the PayPal Support Center area for assistance. Our Service Hours: (06:00 a. m. to 06:00 p. m. Pacific Time, Monday through Friday)

So what is the bottom-line of all this and how can you avoid falling for the many variations of this Paypal scam?

1. Never click on ANY links in emails that are suspicious or asking you to log in or provide private information. Hover over links to see if any of the links looks suspicious. Sometimes its the tiny links at the bottom.

2. Never call the support number that you see inside an email. Just NEVER. That is the safest thing. Open a new browser and look up that vendor's site yourself and find their support number on their website in a clean newly opened browser. Take the extra time to do this.

3. Never give your log in information to anyone. Your legitimate vendors will not ask you for your login password ever.

4. Often, you can google certain details of the scam email you've received and often there will be posts out there like this blog post that will help you identify if its a scam email.

Stay safe out there!