A common tactic that fraudsters use to steal money from people is a technique called phishing. This is when they create fake messages that appear to be genuine to gain your confidence and trick you into giving away some personal information. And with an increase of reports of PayPal phishing scams, we wanted to share some information you can use to keep your account details safe online.
PayPal text scams - the warning signs
It all begins with you receiving a text that appears to be from PayPal. You might not even be a PayPal customer, in which case you'll already know it's fake! But if you've used PayPal before, it might seem more genuine.
The text might appear to come from an official PayPal number or show the sender as being PayPal themselves. But don't let this fool you, fraudsters can easily spoof these details. So they're not a reliable indicator of who the message is from.
And the message itself might be quite alarming. Common messages include:
A warning that your account has been hacked
A query about a recent payment they need you to check
Confirmation of a recent order that you don't remember making
An offer of a gift card you're not expecting
All of these messages will seem urgent, and they'll want you to take some kind of action. The fraudster is betting on you panicking about your account and acting without thinking. But you should always be suspicious of these kind of messages, no matter how genuine they look.
How the scams work
The text message will usually contain a phone number that you can use to contact PayPal. Of course, this isn't really PayPal, but a direct line to the fraudsters. If you call the number, you'll end up talking to someone who'll ask for your account details. Any information you give them will help them to gain access to your account, which will let them freely move money from your account.
You might think you'd be able to tell the difference between a PayPal employee and a scammer, but that's not necessarily true. The cliché of the foreign-sounding speaker tricking people in broken English is no longer accurate. Fraudsters can be exceptionally smooth talkers, well-rehearsed in coaching you into parting with your details.
The text message might also direct you to a website instead of a phone number. Again, this might look like a genuine website, but it won't be. Logging into the website gives the fraudster your account details and they'll be free to do what they want with them.
What to do if you receive a PayPal text scam
The best way to stay safe is to stay vigilant and treat any new messages from PayPal with suspicion. Remember that you don't have to reply to the message, and if it's important, PayPal will contact you through another method.
If you'd like to check, contact PayPal directly through any of their official support channels to ask if the message you received was genuine.
You can also forward the text to 7726 to report it as spam. And you can separately report the phishing attempt to Action Fraud, who can investigate it.