BleepingComputer has spotted a new PayPal phishing campaign that’s stealing the user’s PayPal credentials, along with PII. The campaign starts with a fake text message sent to users, panicking them about their account limitation, and asks for verification to access it. Researchers warn about potential identity theft attacks if fallen for these tricks.

PayPal Smishing Campaign

Stealing account details or the PII can have an adverse impact on your identity, as the threat actors can impersonate you to steal funds or commit a crime under your name. One such campaign that’s actively been spreading is spotted by BleepingComputer today.

PayPal Smishing Campaign Spotted Stealing Login Credentials and PII
Source: BleepingComputer

The cybersecurity blog has noted a smishing campaign happening currently that’s intended to steal users’ PayPal login credentials initially, and later take to a billing address page to steal more, identifiable information. As they reported, the campaign starts with a fake text message received to your phone, where it says;

PayPal: We’ve permanently limited your account, please click link below to verify.

This text message is followed by a URL, which if clicked will take you to a PayPal phishing page asking you to log in for verification. Doing so, both the e-mail address/phone number and password entered will be transferred to the hacker’s C2. After this, you’ll be taken to a billing address page asking for more details.

Source: BleepingComputer

This second step includes asking for the full name, date of birth, residential address, and zip code. Unsuspecting users may fall to this trick, as it’s true that PayPal limits account that it sees any suspicious or fraudulent activities happening. This means all the transactions like withdrawing, receiving, and sending money will be limited for a while.

It’s recommended to watch out for such spam emails/messages, and check for the correct URL while entering any sensitive details. And if you realize you’ve fallen to such tricks already, freeze your credit report and change the credentials immediately. Also, it’s recommended not to use the same credentials elsewhere.


Please enter your comment!
Please enter your name here