PayPal Users: Here’s What You Need to Know About the New Phishing Scam

By on Dec 05, 2017

It’s the season of giving, which means internet scams are practically everywhere, as cybercriminals are trying to trick eager holiday shoppers. So, it’s unsurprising that yet another scam has emerged, this time targeting millions of PayPal users with manipulative phishing emails. The emails, which are intended to look like they’re from customer support, are trying to convince users to validate fake transactions.

How it works

This phishing scam does a pretty good job at seeming believable. The email leverages the PayPal logo and the sender’s address appears to be Additionally, an order number is referenced and the message claims that the user needs to click a link in order to verify the transaction. The order number is entirely fake, and the link actually leads users to

From there, victims are lead through an authentication process that asks for name, date of birth, address, mother’s maiden name, and a credit card number. What’s more — the site has a valid SSL certificate, which is the green lock icon in the corner of your browser that indicates that you are connected to the address shown in the address bar.

How to stay protected

Fortunately, there are a few key indicators that reveal the scam’s true colors. First off, the header bar on is missing a “help” link. There’s also no alarm bell for notifications or a gear icon that you can use to update your settings. Plus, normal verification procedures don’t typically involve an additional form like the one from So be sure to keep an eye out for all these red flags.

However, beyond staying aware of these indicators, there’s a few other things users can do to stay protected from this malicious phishing scam:

  • Go directly to the source. This scam could be easily avoided if users simply go directly to the PayPal website. It’s a good security rule of thumb: when an email comes through requesting personal info, always go directly to the company’s website to be sure you’re working with the real deal.
  • Be careful what you click on. Be sure to only click on emails that you are sure came from a trusted source. If you don’t know the sender, or the email’s content doesn’t seem familiar, remain wary and avoid interacting with the message.
  • Place a fraud alert. If you know your data has been compromised by this attack, be sure to place a fraud alert on your credit so that any new or recent requests undergo scrutiny. It’s important to note that this also entitles you to extra copies of your credit report so you can check for anything sketchy. And if you find an account you did not open, make sure you report it to the police or Federal Trade Commission, as well as the creditor involved so you can put an end to the fraudulent account.
  • Stay secure while you browse. Sometimes it’s hard to identify whether a website, such as, is full of malicious activity or is being operated by a cybercriminal. So, add an extra layer of security to your browser, and surf the web safely by utilizing McAfee WebAdvisor.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

About the Author

Gary Davis

Gary Davis was previously McAfee's Consumer Security Evangelist providing security education and advice to businesses and consumers. He is a sought-after speaker on trends in digital security, appearing at conferences and events, as well as security and consumer lifestyle broadcast outlets and publications such as ABC, NBC, FOX, the Wall Street Journal, USA Today, Money ...

Read more posts from Gary Davis

  1. It has been quite a while now but I have received these type of paypal scam emails in the past. They asked me to forward the email to them at which I did. They want the entire email including the addressing, etc., not just the message body. They will acknowlege receipt and send along their thanks.

  2. Right click the email notice
    click properties
    click details
    click message source
    check for names, addresses and anything familiar
    if you have questions cancel/delete immediately

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to McAfee Securing Tomorrow Blogs