There’s a new phishing scam, and it’s targeting PayPal users, the nonprofit Better Business Bureau warns.
Christopher Boyd of FaceTime Security Labs detected the scam Friday.
The emails say that a transaction “could not be verified,” according to Gizmodo. They contain PayPal’s actual logo and warn consumers about suspicious activity regarding their accounts.
The emails then ask you to update your information to avoid fraudulent activity.
If you click on the link, you will be taken to a fake site – myaccounts-webapps-verify-updated-informations(dot)epauypal(dot)com/myaccount/e6abe – which asks you to verify your information.
“Sadly, anyone submitting their information to this scam will have more to worry about than a fictional declined payment, and may well wander into the land of multiple actual not-declined-at-all payments instead,” writes Boyd in Malwarebytes. “With a tactic such as the above, scammers are onto a winner – there’ll always be someone who panics and clicks through on a “payment failed” missive, just in case.”
Boyd suggests that for any emails you receive regarding payments or personal information, you should not click on the links. “Manually navigate to the website in question and log in directly instead.”
The BBB says if anything sounds odd or questionable in an email, give the company in question a call.
Also look for misspellings.