It’s not always easy to spot a scammer, especially when they disguise themselves as a reputable brand.
When scammers make communications look, feel, and sound like the reputable organization they’re impersonating, it’s known as spoofing. Phishing is an attempt to gain access to your sensitive data via fake emails, websites, text messages, or voicemails. Here are a few things to watch out for, to help make sure you don’t fall for these types of scams.
If you think you’ve clicked a bad link, close out of it immediately, run an antivirus check, and then change your password and security questions. Remember, it’s important you run an antivirus check first because you might’ve gotten malware from clicking the link, and the malware can still pick up your new password.
Then, contact your bank or card issuer and explain the situation. Make sure to review your transaction history over the next few weeks to ensure there are no unauthorized transactions on your account, and if there are, report them immediately.
If you receive an email that you believe could be phishing, don’t respond in any way and also don’t click any links or open any attachments. Instead, simply forward the email to firstname.lastname@example.org. In order to investigate the email just as you received it, we ask that you don’t change the subject line or send the suspicious email as an attachment. After forwarding to us, delete the email from your account so that there’s no further threat to you.
Be assured that we will never send a request for information via email. Instead, we direct account holders to log in to their account and visit the Resolution Center. You know you’re working on the real PayPal site when the URL is https://www.paypal.com.
In addition, to help prevent a cyber criminal from using phished information in a transaction with your business, the following tools are available through PayPal and other fraud management vendors:
Address Verification Service (AVS). Use AVS to verify if the billing address matches the one the card issuer has on file.
Card Security Code (CSC). The CSC is the three- or four-digit number located on the back of the card that confirms the customer has the card in their possession.
Bank Identification Number (BIN). The first six numbers listed on a card are known as the BIN and identify the financial institution that issued the card.
IP geolocation. IP geolocation pinpoints the location of the computer used for the transaction; checking the geolocation details against the billing and shipping address your customer provided can flag possibly fraudulent transactions.
No matter how vigilant you are, inevitably, you will let down your guard and be tempted to click an unsecure link. To help protect you while you browse (and take away some of the stress), there are several site safety rating tools1 available:
These services collect reports about suspicious sites and rank them. They can’t catch every bad link, but they can be a good first line of defense.
We want to help keep your information secure, and alerting us to possible scam attempts helps protect the PayPal community.
You can also access additional information on online security here or by reviewing our FAQs at the bottom of this page.
In partnership with three expert business owners, the PayPal Bootcamp includes practical checklists and a short video loaded with tips to help take your business to the next level.