If you get an email from PayPal, proceed with caution: Scammers are using a legitimate PayPal address to send fraudulent purchase notifications to users in an attempt to gain remote access to your computer by convincing you to download malware.
The phishing emails are being sent from service@paypal.com, which makes them seem real—but as Bleeping Computer reports, scammers have managed to exploit PayPal settings in order to trick recipients.
How to spot the PayPal scam
Users targeted for this scam are receiving emails from PayPal notifying them that they’ve added a new mailing address to their account. According to Bleeping Computer, users who received this message did not actually add new addresses to PayPal, and in some cases, these notices are being sent to email addresses that aren’t even linked to a PayPal account at all.
The phishing email also includes variations of the following message:
“Confirmation: Your shipping address for the MacBook M4 Max 1 TB ($1098.95) has been changed. If you did not authorize this update, please reach out to PayPal at +1-888-668-2508′”
Scammers are hoping users will call the number to reach PayPal support about a suspected fraudulent MacBook purchase. But if you do, you’ll speak with someone who will scare you into believing your account has been hacked and direct you to download and run software to fix it. Instead, though, scams like this intend to take over your system in order to run malware and steal money and/or personal information.
Obviously, a phishing email received from a legitimate PayPal address is worrisome—plus, it can get past security and spam filters. As Bleeping Computer’s reporting found, the scammers are first utilizing the platform’s “gift address” feature (which is just an additional shipping address you can add to your account) and then automatically forwarding the confirmation with the fraudulent message through a mailing list so it looks like it came from PayPal.
How to avoid falling victim to the PayPal scam
One way to identify phishing scams is to check the address that the message is sent from, which may seem legit on the surface but clearly not when you look closer. In this case, that may not help much, but you should always be wary of messages that provoke an emotional response (like fear).
If you get this email, you can ignore and delete it, though you can log into your PayPal account by going directly to the website or app and make sure nothing has been added to your account. Do not click links or call phone numbers listed in suspicious emails—instead, go directly to the website to access your account and locate official customer service channels if needed. Finally, never download anything from a suspicious email to your device.
