- Scammers were found to have registered two websites that look similar to the original PayPal website.
- The targeted users are sent a message that contains links to one of these websites.
Crooks are tricking users into sharing their personal details and login credentials in a new PayPal SMS scam.
How does it happen?
As reported by Naked Security, scammers have registered two websites that look similar to the original PayPal website. The targeted users are sent a message that contains links to one of these websites. These messages are designed in such a way that it creates a sense of urgency among the recipients.
The messages read as ‘Due to a recent failed payment request your account has been restricted’ or ‘We have detected unusual activity on your account’.
The message further prompts the recipient to fill in their personal details in order to prevent their accounts from being locked.
Once the unsuspecting user clicks on the website, they are presented with a bogus PayPal site that prompts them to provide their username and password. After the login credential is entered, the victim is shown another phishing page that asks for more personal details such as full name, date of birth, address, and phone number.
As part of the verification process, the victim is also asked to share their payment card details.
What to do to stay safe?
- Don’t rely on links sent you over the message because they can be used to phish your personal details. Always type the address on the address bar to visit the website.
- Hover over the links sent through a message or an email to know the origin of the URL. Crooks usually disguise the links in order to deceive users.