PayPal’s “New Address” Feature Exploited: Here’s What to Know.

In recent times, cybercriminals have found a new way to exploit PayPal’s “New Address” feature to send phishing emails. This scam has been causing concern among users, as it cleverly bypasses security filters and appears to come from a legitimate PayPal email address.

How the Scam Works

The scam begins with an email from “service@paypal.com,” informing the recipient that a new address has been added to their PayPal account. The email includes a message claiming to be a purchase confirmation for an expensive item, such as a MacBook. The goal is to trick the recipient into thinking their account has been hacked and scare them into calling the provided phone number.

When the recipient calls the number, they are connected to a scammer posing as a PayPal support representative. The scammer then tries to convince the recipient to download and run software that will supposedly help them regain access to their account and block the alleged transaction. In reality, this software allows the scammer to gain remote access to the recipient’s computer, potentially leading to theft of personal information, money, or data.

Why This Scam is Effective

This phishing scam is particularly effective because the emails are sent directly from PayPal’s legitimate email address, making them difficult to detect as fraudulent. Additionally, the emails pass security and spam filters, further increasing the likelihood that recipients will fall for the scam.

Moreover, the scam preys on the recipient’s fear and urgency, creating a sense of panic that can cloud their judgment. The use of a high-value item, such as a MacBook, adds to the perceived severity of the situation, making recipients more likely to take immediate action without thoroughly verifying the email’s authenticity.

How to Protect Yourself

To protect yourself from falling victim to this scam, it is essential to remain vigilant and follow these steps:

1. Verify the Email: If you receive an email claiming that a new address has been added to your PayPal account, log in to your PayPal account directly through the official website or app to check for any unauthorized changes. Do not click on any links or call any phone numbers provided in the email.
2. Ignore Suspicious Emails: If the email contains a bogus purchase confirmation, simply ignore it and do not contact the listed phone number. Instead, report the email to PayPal’s phishing email address (phishing@paypal.com) and delete it from your inbox.
3. Enable Two-Factor Authentication: Adding an extra layer of security to your PayPal account can help prevent unauthorized access. Enable two-factor authentication (2FA) to ensure that even if someone obtains your password, they will still need a second form of verification to access your account.
4. Stay Informed: Keep yourself updated on the latest phishing scams and cybersecurity threats. By staying informed, you can better recognize and avoid potential scams.

Conclusion

The abuse of PayPal’s “New Address” feature to send phishing emails highlights the ever-evolving tactics of cybercriminals. By understanding how this scam works and taking proactive steps to protect yourself, you can reduce the risk of falling victim to such fraudulent schemes. Always verify the authenticity of emails and remain cautious when dealing with unexpected messages related to your financial accounts.

You think you have a story worth everyone’s time? SUBMIT A STORY and we will publish it