PayPal: Consumer advice center issues official warning about phishing

The consumer advice center warns of fraudulent phishing e-mails posing as official e-mails from PayPal. Apparently, criminals are shamelessly exploiting the recent changes to the payment service provider’s terms and conditions to obtain user data.

Changes to PayPal’s terms and conditions as a good opportunity

The number of cyberattacks is increasing globally and is now also growing in scale. We recently reported that Microsoft has been hit by regular attacks by Russian hackers since November 2023. However, while this apparently state-led attack is clearly aimed at destabilizing the company, there are always criminals who want to make a quick buck. For example, a few fraudsters are using the fact that PayPal has updated its terms and conditions as an opportunity to rob users of the payment service of their money. The consumer advice centers have now issued a corresponding warning in their phishing radar.

Phishing emails are currently being circulated that actually state the changes to the terms and conditions as the reason for making contact. This means that the criminals could strike a nerve with many users and fall on receptive ears. To prevent this brazen bait from working too well, the consumer advice center has published a few examples as part of its phishing radar. The subject of the emails should read “Unblock your PayPal account in accordance with the new terms and conditions”. To give the email a serious look, the criminals not only use a personal form of address for the user. On top of that, the email comes with an official PayPal logo.

Request for current personal data

Users who now receive an email that is supposedly from PayPal should be particularly suspicious of the email’s request. If it is about updating personal data, the alarm bells should already be ringing for most people. All others should now receive a corresponding notice from the consumer advice center. The request to update the data should still be associated with a certain amount of pressure. For example, there is a threat of account deletion if the data is not updated within a certain period of time. Sometimes these deadlines are just a few minutes. At this point at the latest, you should really become skeptical.

The email then contains a button labeled “Update data”. Given the fear of losing their PayPal account, many users are likely to fall for this link. This then leads to the phishing page to steal the user’s data. If you receive such an email, it is best to delete it immediately. In future, always look out for anything unusual in the email. The sender’s address is always an important clue. If this does not match official emails from the service provider, you can already assume that there is a high risk that this is a phishing email.