Discover how cybercriminals exploit legitimate PayPal emails in a clever scam to gain access to your account.
Millions of people use PayPal to make secure payments online, but cybercriminals have figured out a way to use it maliciously. In this week’s scam, you receive a legitimate email from PayPal requesting that you make a payment. The email is actually from PayPal and even contains a real PayPal link. Even though the email is real, it’s part of a clever trick by cybercriminals.
The email that is sent to your email address is also sent to an email address you do not recognize. This unrecognized email address actually belongs to the cybercriminals. If you click the link in the email, their email address will be connected to your PayPal account. Once their email address is linked to your account, the cybercriminals will have full access to your PayPal account. They will be able to view all your account details, including your user credentials and financial information!
Follow these tips to avoid falling victim to a phishing scam:
- While this scam targets PayPal users, never submit payments after receiving an unexpected email. Instead, navigate directly to an organization’s official website or app to submit a secure payment.
- Check the email recipients carefully. Be suspicious of emails sent to multiple addresses, especially ones you don’t recognize.
- Remember that emails can be malicious even if the sender’s email address is from a trusted domain. Cybercriminals can gain access to trusted domains to make their scams more believable.
Stop, Look, and Think. Don’t be fooled.
KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.
DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.
