PayPal phishing - has your account been temporarily limited?

Filed Under: Phishing, Spam

Phishing for passwords
Have you received an email, seemingly from PayPal, declaring that your account has been temporarily limited?

Plenty of people have been targeted by an attack which uses the subject line "Your account has been temporarily limited!" and claims to come from what appears to be an offiicial PayPal address.

Well, beware opening the attached reactivation form too quickly because you could be passing your personal information to cybercriminals.

Because the emails are bogus, and the headers are forged - all with the intention of stealing information from you.

Your account has been temporarily limited!

Here is part of the text of that we are seeing being spammed out widely right now:

Dear PayPal account holder,

PayPal is constantly working to ensure security by regularly screening the accounts in our system. We have recently determined that different computers have tried logging into your PayPal account,and multiple password failures were present before the logons.

Sounds scary, eh? People on different computers have been trying to log into your PayPal account, and have been guessing at the passwords? Nasty!

Until we can collect secure information, your access to sensitive account features will be limited. We would like to restore your access as soon as possible, and we apologize for the inconvenience.

Those nice folks at PayPal are looking out for you! They've locked down the account because of all the attempted intrusions. Thank goodness!

Download and fill out the form to resolve the problem and then log into your account.

And sure enough, there is a form attached to the email. It's called Restore_your_account_PayPal.html

But these emails and the form don't really come from PayPal, and entering your confidential information into the form is only going to pass your private data to the cybercriminals behind this spam campaign who will use it to phish your account for money and perhaps steal your identity.

Sophos customers are proactively protected against this attack. You may not have fallen for it (the lack of graphics in the email body make it look less convincing than some of the PayPal phishing scams we often see) but you may have other loved ones and acquaintances who would be vulnerable to an attack like this.

, ,

You might like

9 Responses to PayPal phishing - has your account been temporarily limited?

  1. If I am ever in doubt about an email I go to the company's website and sign into my account and talk to them directly.

  2. Kim · 1733 days ago

    I have clients who really need this type of protection -- but your blog articles isn't pointing to anywhere on your site where my clients can also be: "Sophos customers are proactively protected against this attack". I cannot tell you the number of folks I have helped who kind of knew they shouldn't have responded to this type of attack, but did anyway. I think that even where there is a lot of education about these types of attack, many do not feel empowered to ignore messages or are more afraid of missing something important. Thanks for the fine review of this type of scam.

  3. uuugb · 1732 days ago

    I do not know why people use Paypal. Is insecure, is run by people with no scruples.
    How any company that presents to be a bank will block your account? Paypal is not a bank, and never will be one! Do not trust such company, a wolf dress as a lam.

    • Craig · 1188 days ago

      Paypal is perfectly safe if used properly. Giving away insecure information under insecure circumstances will render anyone vulnerable. Scaremongering about 'wolves' and ' lam(s) sic might well display your own paranoia but helps no-one.
      Caution and common sense are required in the real world AND on the internet.

  4. Pudnick · 1404 days ago

    I received a grateful email from PayPal when I forwarded such a phish to I think it is important for companies to know when their name is being used for fraudulent purposes. I can tell most of these are fraudulent because I don't even have accounts with the companies that are supposedly warning me about my accounts.

  5. Vicki · 1401 days ago

    You can report PayPal spam and phishing by forwarding it to PayPal: Most companies have an address where you can forward to them suspected phishing. I never open any attachments unless a friend calls and tells me it's on its way and never open fw. jokes or funnies even from friends. It's easy to be safe if you're cautious!

  6. Sally · 1400 days ago

    genuine emails from Paypal always address the recipient by their name...

  7. Joel · 1217 days ago

    On a related note...I received several phone calls from what the Caller ID said was PayPal/E-Bay last week. I have no outstanding accounts with E-Bay and my PayPal balance is zero. Be aware!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Graham Cluley runs his own award-winning computer security blog at, and is a veteran of the anti-virus industry having worked for a number of security companies since the early 1990s. Now an independent security analyst, he regularly makes media appearances and gives computer security presentations. Follow him on Twitter at @gcluley