A PayPal phishing scam can be tricky, but don’t worry all you need to do is keep your eyes open and do what we tell you.

A new email has been circulating on the web nowadays that purports to be sent by PayPal.

It informs the user that the firm is changing its legal agreements and therefore, the user must click the “Confirm Account” button to accept those modifications.

Phishing Scam | Hackers are targeting PayPal users with ''Changes to legal Agreements'' Phishing Scam.
PayPal Customers Hit with ‘Changes to Legal Agreements’ Phishing Scam
The Reality:

This email hasn’t been sent by PayPal at all instead, it is a phishing scam designed for stealing your personal PayPal account login details and other critical information. When you click on the “Confirm” button, a link will take you to a fake website designed to look like the real PayPal home page. On that fake page when you click the login button and submit your original account login details, another bogus web form will appear asking you to “confirm” your account by submitting personal details and credit card number.

This information will be collected by hackers and cyber criminals. They will later hijack your authentic PayPal account and they will use it to conduct identity theft and perform fraudulent actions using your credit card.

The Fake Email initially Seems Authentic:

This email seems genuine initially because it contains the original PayPal logo and scammers have used the same color scheme. Moreover, it is also a common practice at PayPal to inform its customers about changes in legal agreements via emails.

must read
PayPal Users hit with ‘Payment Made without Permission’ Phishing Scam Email[/must]

Example:
Phishing Scam | Hackers are targeting PayPal users with ''Changes to legal Agreements'' Phishing Scam.
PayPal Customers Hit with ‘Changes to Legal Agreements’ Phishing Scam | Image Credit: HoaxSlayer

However, when you scrutinize closely, it becomes apparent that there are grammatical errors in the message, which obviously doesn’t happen in genuine PayPal emails. Apart from this, authentic PayPal emails always address the customer from first and last names and no such greetings like “Dear Customer” are the part of their emails. Moreover, authentic emails never ask the user to click on a direct link to update account information or confirm the account.

Targeting PayPal users has become such a regularly appearing tactic by scammers that the customers are now fully capable of detecting the phishing scam. However, we would like to give you a word of advice: whenever you receive an email like this one, just discard it– don’t click on it or open the attachment.

You can stay safe from such phishing attempts by simply typing the URL into the browser’s address bar and not clicking on link present in the emails.

It is safe and advisable to login your PayPal account by entering the web address into your browser’s address bar or via an official PayPal app. The PayPal website has a verified green signature as shown in the screenshot below: 

paypal-users-hit-with-asda-order-phishing-scam-2

Report typos and corrections to admin@hackread.com

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.