Watch out for Fake PayPal SMS Messages That Are Used by Schemers!

It seems that only yesterday we talked about the “New Login From Unknown Device” scam designed to trick unsuspecting PayPal users into giving away their sensitive information. This scam centered around emails that were devised to lure personal information from you. Of course, cybercrooks are not going to pull back from their relentless attacks. And so, we have yet another dangerous campaign to talk about. This time, it is an SMS scam for PayPal users. The scam was reported by PayPal users, and we’re going to make use of this opportunity to delve deeper into the subject.

How does the PayPal SMS scam work?

The name itself is quite self-explanatory, right? It basically means that this scam relies on fake PayPal SMS messages to trick users into giving away their personal information. We might not be using text messages for communication as often as before, but businesses still employ them increasingly often for basic customer service communication. After all, no matter what kind of phone or reception coverage you have, the chances are that text messages would reach you anyway. So, it is not that surprising to receive sales offers, notifications about take-out orders, and even one-time passwords via SMS.

This kind of environment makes the SMS scam quite believable. Also, here, we have a number acquisition problem. How did the cybercriminals get your phone number? It’s very likely that some of your personal information got stolen from one of the many accounts that you have on multiple services, and the information was sold on the darknet for a price. Of course, it would be ideal if you could change your phone number, but that is highly cumbersome. Instead, you should report the number that you see at the top of the fake PayPal SMS message.

You must have noticed by now that when you receive text messages from various services, there usually is no number at the top where the sender is indicated. You mainly see the name of the sender, like PayPal, Google, British Airways, what have you. Scammers, on the other hand, often do not go that far, and you still see a phone number at the top instead of a name. And THAT is the first red flag which indicates that there’s something utterly wrong about the text you received.

Next, the fake PayPal SMS message claims that there are some problems either with your PayPal account or with your payment. It then tells you to visit a hyperlink that is pasted in the message so that you could fix that problem.

Please note that reputable services would selfdom send a text message with a complicated hyperlink. Normally, you get a text with either a domain name (like cyclonis.com) or a message that encourages you to check out the service through their app or main website. In fact, it’s always a good idea to access the service directly through your browser instead of clicking links in the texts you receive. After all, as we have mentioned above, the main objective of this SMS scam is to steal your personal information. And if you click the hyperlink in the text, that’s exactly what those crooks will do.

How does that happen? Well, if you click that link, you will be automatically redirected to a website that looks exactly like the PayPal login page. The moment you “log in,” the criminals obtain your email address and password, and then you get redirected to yet another bogus page where they ask you to enter your personal information to “verify” your account. This way, the criminals can lure out such information as your name, address, date of birth, credit card numbers, and other personal data. All the while, it will look like you’re renewing your details on a legitimate PayPal website. Scary, isn’t it?

How can I avoid the SMS scam?

We have already mentioned the basics of avoiding SMS scams: do not click the links you receive via text messages. This is especially relevant when the message in question comes with a very urgent tone. If you must check whether you really have some problem with your PayPal account, you can always access it via your phone app or through web browser. Just do not be so hasty as to tap the link in the text.

Next, one of the best ways to avoid SMS scams is to boost your PayPal account security. Have you ever checked what kind of notifications PayPal can send to your phone in the first place? If you log in to your account and tap the settings icon (that’s the cogwheel at the top right), you will reach the notifications section. There, you can see that there are five types of notifications related to payments that you can receive from PayPal. You can get notified via text when you make a payment, start a payment but don’t complete it, have a problem with payment, request a payment, and receive a payment. You can also toggle the settings in a way that you will only receive email notifications and no texts.

So, if you know what kind of texts you can receive from PayPal, you will be less susceptible to SMS scams. But that’s not everything. Let’s not forget that your PayPal account has a lot of sensitive information (including your phone number), so you should definitely make sure that it is protected.

When was the last time you updated your PayPal password? Maybe you’re tired of renewing your passwords all the time, and you clearly know that using your dog’s name for that is not the safest option. How about using a password manager tool to generate new strong passwords and keep them safe under a strong encryption?

While you’re at it, you should also consider setting up 2-step verification on your PayPal account. Sure, a strong password is a good idea, but several layers of security are even a better option. If you’re still in the settings menu, click Security (that’s on the left from Notifications), and click Set Up next to 2-step verification. There, you can choose to get a one-time code through a text message each time you try to access your account. If you take these safety measures and be careful about the worrying texts you receive from unknown parties, you should be able to avoid dangerous scams and protect your personal information.

By Foley
April 20, 2020
Computer Security
April 20, 2020
Computer Security

Popular Posts

As Fears of the Coronavirus Pandemic Spread, So Does...

4 years ago

Microsoft Warns State-Backed Threat Actors Are Using AI in...

4 days ago

Trojan Al11 Malware Detection & Removal - An Essential...

11 months ago

Pinaview is a Fully-Featured Adware App

10 months ago

"Your iCloud is Being Hacked" and "Your iPhone has Been...

7 months ago

What is Lucky Ransomware?

7 months ago

Related Posts

News

Watch out for the 'New Login From Unknown Device' PayPal Scam

In late December, researchers from ESET noticed that PayPal users in Latin America were targeted by a phishing campaign that could be going on to this very day. Unfortunately, it's difficult to say how big the attack... Read more

January 2, 2020
Tips

Two-Factor SMS Authentication Will Not Protect You If Hackers Can Intercept Your Messages

For the sake of simplicity, experts often describe two-factor authentication (2FA) as a system that lets you log in to your account only if you provide something you know as well as something you have. The thing you... Read more

January 9, 2019
News

A New Scam Is Targeting Venmo Users via SMS Messages

With every new security issue that makes the headlines, we ought to update our cybersecurity knowledge. The latest Venmo SMS scam should probably make us pay more attention to what kind of text messages we receive.... Read more

December 6, 2019
Loading...

Cyclonis Backup Details & Terms

The Free Basic Cyclonis Backup plan gives you 2 GB of cloud storage space with full functionality! No credit card required. Need more storage space? Purchase a larger Cyclonis Backup plan today! To learn more about our policies and pricing, see Terms of Service, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Cyclonis Password Manager Details & Terms

FREE Trial: 30-Day One-Time Offer! No credit card required for Free Trial. Full functionality for the length of the Free Trial. (Full functionality after Free Trial requires subscription purchase.) To learn more about our policies and pricing, see EULA, Privacy Policy, Discount Terms and Purchase Page. If you wish to uninstall the app, please visit the Uninstallation Instructions page.

Home

Products

Cyclonis Backup Cyclonis Password Manager Cyclonis World Time

Support

Help Files FAQs Downloads Inquiries & Support

Company

About Us Contact Us Report Abuse

Legal (Post Merger)

EnigmaSoft Limited (fka Cyclonis Limited)

Cyclonis Backup's Terms of Service Cyclonis Password Manager's EULA Cyclonis World Time's Terms of Service Privacy Policy Cookie Policy Special Discount Offer Terms Additional Terms & Conditions SpyHunter EULA RegHunter EULA EnigmaSoft Privacy Policy & Cookie Policy ESG Privacy Policy & Cookie Policy EnigmaSoft Discount Offer Terms ESG Discount Offer Terms

© 2017-2024 Cyclonis Ltd. CYCLONIS is a trademark of EnigmaSoft Limited (Cyclonis was merged into EnigmaSoft Limited effective November 25, 2023.) All rights reserved.

Registered Office EnigmaSoft Limited: 1 Castle Street, 3rd Floor, Dublin 2 D02 XD82, Ireland.
EnigmaSoft Limited, Private Company Limited by shares, Company Registration Number 597114.

Windows is a trademark of Microsoft, registered in the U.S. and other countries.
Mac, iPhone, iPad and App Store are trademarks of Apple Inc., registered in the U.S. and other countries.
iOS is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
Android and Google Play are trademarks of Google LLC.