What is spoofing and how do I report it?

Spoofing or phishing is a type of fraud where an attempt is made to steal your personal details. An attempt is made to steal sensitive personal information, like your passwords and credit card or bank account numbers.

This type of fraud is often done through a fraudulent email that seems to be sent by a well-known organization. In the email you are asked to take some kind of action, like clicking on a link in the message or calling a telephone number. By clicking such a link you will be redirected to a fraudulent website. And on this website you are asked to submit your personal details.

Phishing however can be carried out by someone or by phone, or by way of a fraudulent pop-up window.

How to recognize a fraudulent email.

We will never ask you by email for the following information:

  • Your credit card or bank account number
  • Your driving license number
  • Passwords

When receiving an email, always pay attention to the following:

  1. The salutation

    PayPal will never address you as 'Dear PayPal user' or 'Dear PayPal member.' You will always be addressed with the name you used to register your PayPal account.

  1. Links in the email

    Do not click on a link in the email. If PayPal needs any information from you, we will ask you to log in to your PayPal account. We will never ask you to send us an email with your personal details. And we will never ask you to open an attachment.

  1. Take immediate action

    Spoofing emails often contain some sort of threat and urge you to take immediate action in order to prevent your account from being limited.

If you think you received a fraudulent email, you can forward this email, including the heading, to spoof@paypal.com. Then delete the email from your inbox. PayPal will send you an email to confirm if this was a fraudulent email or not.

For more information about phishing we recommend you click on Security.