New, Hard-to-Detect PayPal Phishing

A recent PayPal phishing scam uses compromised or fraudulently created PayPal business accounts to send invoices through PayPal's own invoicing feature, so the email genuinely originates from paypal.com. The invoice text urges the recipient to call a toll-free number to dispute the charge; on that call, the scammers ask the victim to download software that gives them remote access to the victim's device.

Additional scam attributes & recommendations: 

  • One reported email subject line is: Billing department of PayPal updated your invoice
    Sample reported text: 

“There is evidence that your PayPal account has been accessed unlawfully . . . . $600 has been debited to your account for the Walmart gift card purchase . . . If you suspect you did not make this transaction, immediately contact us at the toll free number . . . .”

  • Because the message is generated and sent by PayPal's own mail infrastructure, it passes the usual sender-authentication checks (SPF, DKIM and DMARC), so filters that look for a spoofed sender will not catch it. Another deceptive attribute is that hovering over the “View and Pay Invoice” button really does show a paypal.com link, because the invoice itself is a genuine PayPal invoice. The only attacker-controlled parts are the invoice description text and the phone number it tells you to call.
  • You can avoid these scams by logging into your account directly (type paypal.com into your browser rather than following the email's link) to review all invoices and charges before contacting anyone. If you have received a fraudulent invoice, or have a question about one, contact the purported issuer (in this case PayPal) through a phone number taken from its official website, never one printed in the message.
  • Finally, avoid clicking links or opening attachments in unexpected communications, even those that appear legitimate.
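
As an added illustration (not part of the original advisory and not PayPal's own tooling), here is a small Python check of the kind a mail-security team might run against this scam. It confirms that the message passes sender authentication, which is why a spoofed-sender rule would never fire, and then looks for the actual lure described above: an invoice-style message that carries a toll-free callback number together with urgency or gift-card language. The two messages are constructed samples modelled on the text quoted above; the Authentication-Results header, the 555-01xx phone number and the keyword list are assumptions, not captured PayPal data.

```python
"""Callback-phishing check for invoice emails that arrive through a legitimate
sender's infrastructure. Added example; samples and thresholds are assumptions."""
import email
import re
from email import policy
from email.message import EmailMessage

# Constructed sample modelled on the scam text quoted above (headers and the
# 555-01xx phone number are fictional, not captured PayPal data).
SCAM_EML = """\
From: PayPal <service@paypal.com>
To: victim@example.com
Subject: Billing department of PayPal updated your invoice
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=paypal.com; dkim=pass header.d=paypal.com; dmarc=pass header.from=paypal.com
Content-Type: text/plain; charset=utf-8

There is evidence that your PayPal account has been accessed unlawfully.
$600 has been debited to your account for the Walmart gift card purchase.
If you suspect you did not make this transaction, immediately contact us at
the toll free number 1-888-555-0199.

View and Pay Invoice: https://www.paypal.com/invoice/p/#EXAMPLE
"""

# Constructed benign invoice with the same (passing) authentication results.
BENIGN_EML = """\
From: PayPal <service@paypal.com>
To: victim@example.com
Subject: Invoice from Acme Widgets (#0042)
Authentication-Results: mx.example.com; spf=pass smtp.mailfrom=paypal.com; dkim=pass header.d=paypal.com; dmarc=pass header.from=paypal.com
Content-Type: text/plain; charset=utf-8

Acme Widgets sent you an invoice for $42.00, due 2024-07-01.

View and Pay Invoice: https://www.paypal.com/invoice/p/#EXAMPLE
"""

# North American toll-free prefixes; matches 1-888-555-0199, (888) 555 0199, 888.555.0199
TOLLFREE_RE = re.compile(
    r"(?<!\d)(?:\+?1[\s.-]?)?\(?(8(?:00|33|44|55|66|77|88))\)?[\s.-]?(\d{3})[\s.-]?(\d{4})(?!\d)"
)
# Pressure / lure phrases taken from the quoted sample; extend from your own telemetry.
URGENCY_TERMS = ("unlawfully", "unauthorized", "immediately", "gift card",
                 "contact us at", "call us", "toll free")


def parse_message(raw: str) -> EmailMessage:
    """Parse raw RFC 5322 text with the modern policy so get_body() is available."""
    return email.message_from_string(raw, policy=policy.default)


def auth_results_pass(msg: EmailMessage) -> bool:
    """True when every spf/dkim/dmarc verdict in Authentication-Results is 'pass'."""
    hdr = str(msg.get("Authentication-Results", ""))
    verdicts = re.findall(r"\b(spf|dkim|dmarc)=(\w+)", hdr, re.I)
    return bool(verdicts) and all(v.lower() == "pass" for _, v in verdicts)


def message_text(msg: EmailMessage) -> str:
    """Subject plus the text body (falling back to HTML) as one searchable string."""
    part = msg.get_body(preferencelist=("plain", "html"))
    body = part.get_content() if part is not None else ""
    return f"{msg.get('Subject', '')}\n{body}"


def tollfree_numbers(text: str) -> list[str]:
    """Normalised toll-free callback numbers found in the text."""
    return ["-".join(m.groups()) for m in TOLLFREE_RE.finditer(text)]


def urgency_hits(text: str) -> list[str]:
    """Which pressure phrases appear in the text (case-insensitive)."""
    low = text.lower()
    return [term for term in URGENCY_TERMS if term in low]


def assess(raw: str) -> dict:
    """Flag invoice-style mail that pairs a toll-free callback number with
    pressure language. Authentication is reported, not used as the verdict:
    in this scam it passes, which is exactly why spoof-sender rules miss it."""
    msg = parse_message(raw)
    text = message_text(msg)
    numbers = tollfree_numbers(text)
    urgency = urgency_hits(text)
    invoice_like = "invoice" in text.lower()
    return {
        "auth_pass": auth_results_pass(msg),
        "tollfree_numbers": numbers,
        "urgency_terms": urgency,
        "suspicious": invoice_like and bool(numbers) and len(urgency) >= 2,
    }


if __name__ == "__main__":
    for name, raw in (("scam", SCAM_EML), ("benign", BENIGN_EML)):
        print(name, assess(raw))
```

Both samples report auth_pass True, so nothing about the sender distinguishes them; only the callback number plus pressure wording does. The keyword threshold is deliberately conservative, and in production the phone number itself is the most useful artefact: the same number tends to recur across campaigns and can be blocklisted or fed to a ticketing queue for verification against the legitimate PayPal contact numbers.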

Resource: 

Krebs on Security, “PayPal Phishing Scam Uses Invoices Sent by PayPal”