Millions of people rely on PayPal for secure online payments, but cybercriminals have found a way to exploit this trusted platform. A new scam targets unsuspecting users with legitimate-looking PayPal emails, making it harder to identify the threat. Here’s how the scam works and how you can protect yourself.
How the Scam Works
You receive what appears to be a legitimate email from PayPal, requesting payment. The email includes a real PayPal link and seems entirely authentic—it even comes from PayPal’s official email domain.
Here’s the catch: the email is also sent to another address you don’t recognize. This additional email address belongs to the cybercriminals. If you click the link in the email, their email address becomes linked to your PayPal account.
Once connected, the cybercriminals gain full access to your PayPal account. They can view your account details, including your login credentials and financial information, putting your personal and financial security at risk.
How to Protect Yourself
Stay safe from phishing scams like this by following these tips:
- Avoid Clicking on Unexpected Emails
Even if an email seems to come from a trusted source like PayPal, avoid clicking on any links. Instead, go directly to the organization’s official website or app to handle payments or check your account. - Check Email Recipients
Pay close attention to who else is listed as a recipient in the email. Be wary of emails sent to multiple addresses, especially if you don’t recognize some of them. - Don’t Trust Emails Based Solely on the Sender’s Domain
Just because an email comes from a trusted domain doesn’t mean it’s safe. Cybercriminals can exploit legitimate domains to make their scams more convincing.
Stay Vigilant
Phishing scams are becoming increasingly sophisticated, and it’s essential to remain cautious when dealing with unexpected emails or payment requests. By staying informed and following these best practices, you can protect your financial information and avoid falling victim to scams.
As a KnowBe4 partner, Citynet is here to help you and your business stay secure. Contact us today to learn more about protecting your organization from cyber threats by providing security awareness training (SAT) from KnowBe4.
