DEAL WITH SUSPICIOUS ACTIVITY
Protecting your data is our top priority, and we’re working 24/7 to ensure that. It’s important you familiarise yourself with a few ways you can keep yourself protected. At PayPal we know you, so any email from us will address you by your first and last name or your business name in the body of the email. We will never address you as “Dear valued customer” or “Dear buyer”. An email from PayPal won’t ask you to send sensitive information like your password, bank account, or credit card details. If information is required to confirm or maintain your account, you will be asked to visit PayPal.co.uk to login securely.
Scam Emails & Phishing: Is that email really from PayPal?
"Phishing" is an illegal attempt to "fish" for your private, sensitive data. It works by using false pretences to trick you into revealing personal or financial information such as bank account details, credit card details, and passwords etc.
One of the most common phishing scams involves sending emails/SMS that fraudulently claims to be from a well-known company (like PayPal). These often link to fake (spoof) websites where your information can be collected if you type it.
The Senders Address
The "From" line may include an official-looking address that mimics a genuine one.
Emails sent by popular companies are almost always free of misspellings and grammatical errors.
Check where a link is going before you click on it by hovering over the URL in an email, and comparing it to the URL in the browser. If it looks suspicious, don’t click it.
The email/SMS asks you to provide the tracking number of the dispatched item, before you’ve received a payment into your PayPal account.
Be wary of impersonal greetings like “Dear User”, or your email address. A legitimate PayPal email will always greet you by your first and last name.
False Sense of Urgency
Many scam emails tell you that your account will be in jeopardy if something critical is not updated right away.
A real email from PayPal will never include attachments. You should never open an attachment unless you are 100% sure it’s legitimate, because they can contain spyware or viruses.
Clicking on links
Never click on a link in an email that requests personal information. Any time you receive an email about your PayPal account, open a new browser, type in www.paypal.co.uk, and login to your account directly.
Overall, never click on a link in an email that requests personal information. Any time you receive an email about your PayPal account, open a new browser, type in www.paypal.co.uk, and login to your account directly.
PayPal will never ask you to provide personal information in an email:
- Credit card numbers
- Driver’s license numbers
- Email addresses
- Bank account numbers
- National insurance number
- Date of birth
Forward the entire email to email@example.com
Do not alter the subject line or forward the message as an attachment
Delete the suspicious email from your inbox
We’ll look into it and let you know if it turns out to be fraudulent. In the meantime, don’t click any links or download any attachments within the suspicious email. If you’ve responded to a fraudulent email and you think your PayPal account has been accessed, you should also report that immediately.
Even if a URL contains the word 'PayPal', it may not be a PayPal webpage.
When using PayPal, always ensure that the URL address listed at the top of the browser displays as https://www.paypal.com/uk. The 's' in ‘https’ means the website is secure.
Look for the 'lock' symbol that appears in the address bar. This symbol indicates that the site you are visiting is secure.
If you provided any personal information in response to a phishing email or on a spoof website, change your PayPal password and security questions immediately.
If you provided any financial information, contact your bank and your credit card issuer and tell them about the situation.
Review your PayPal account history to check that you recognise all recent payments.
PayPal is committed to helping shut down these sites and ensure that you’re able to spot phishing immediately. We make it our job to keep your identity as safe as possible, online.
Unauthorised Account Activity
If you think someone has used your account without your permission, tell us right away and we’ll help you as much as possible. We can protect you if you report an eligible unauthorised transaction within 60 days of it appearing on your statement.
SMS SPAM (also known as smishing) can be more than just annoying – it may contain suspicious content. Many carriers will let you report SPAM by simply forwarding the message to ‘7726’ (which is the keys for SPAM on most phones). Check with your service provider to see if this service is supported.