A wave of PayPal phishing emails

Graham Cluley

Over 200 million people have accounts on PayPal, making it a key target for internet fraudsters attempting to steal money.

One of the ways that criminals try to get their hands on your cash is by phishing for your PayPal account details.

An aggressive campaign that we have seen widely spammed out in the last few hours does precisely that, pretending to be a security warning from PayPal.

PayPal phishing email


From: "PayPal" <[email protected]>

Subject: Please confirm your identity

Attached file: update-account.html

Message body:
When you will complete the document we have sent, remember to ALLOW javascript and ActiveX to run from the bar that will pop-up, otherwise we cannot verify the informations you have provided.

February 22, 2011:Valued PayPaI Member, We have reasons to believe that your account was accessed by a third party. Because protecting the security of your account is our primary concern, we have limited access to sensitive PayPal account features. We understand that this may be an inconvenience but please understand that this temporary limitation is for your protection.

OPEN AND COMPLETE THE FORM ATTACHED IN THIS MESSAGE TO REGAIN ACCESS TO YOUR ACCOUNT.

Thank you for your time and understanding, PayPal Resolution Center.

Clicking on the HTML attachment will open your web browser, and might trick you into believing that you are on the genuine PayPal webpage.

Attached file steals PayPal information

However, this attack’s intention is to trick you into handing over your credit card details, full date of birth, name and address.

If you’re ever uncertain whether a message really comes from PayPal or not, visit the real PayPal website and log in as usual. If they really have a security message for you, you’ll be able to read it via the PayPal messaging system itself.

Sophos products intercept the emails being used in this latest phishing campaign, ensuring that customers are protected.
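The traits of this email described above (an HTML attachment carrying a form, the "PayPaI" lookalike spelling, and the request to allow JavaScript and ActiveX) can be expressed as simple mail-filter heuristics. The following is an added example, not code from this article or from Sophos; the sample message, its sender address, the attachment markup and the signal names are all constructed for illustration.

```python
import re
from email import message_from_string
from email.message import Message

# Constructed sample modelled on the fields quoted in the article; the
# sender address and attachment markup are placeholders, not the real ones.
SAMPLE = """\
From: "PayPal" <sender@example.invalid>
Subject: Please confirm your identity
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Valued PayPaI Member, OPEN AND COMPLETE THE FORM ATTACHED IN THIS MESSAGE.
Remember to ALLOW javascript and ActiveX to run.
--b1
Content-Type: text/html
Content-Disposition: attachment; filename="update-account.html"

<html><body><form action="#"><input name="card"></form></body></html>
--b1--
"""

# "PayPal" with the final l swapped for a capital I or digit 1 (case-sensitive).
LOOKALIKE = re.compile(r"\bPayPa[I1]\b")

def phishing_signals(msg: Message) -> list[str]:
    """Return the heuristic signals (hypothetical names) that a message trips."""
    signals = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        text = part.get_payload(decode=True).decode("utf-8", "replace")
        name = (part.get_filename() or "").lower()
        if name.endswith((".html", ".htm")):
            signals.append("html_attachment")
            if re.search(r"<form\b", text, re.I):  # data-entry form shipped as a file
                signals.append("form_in_attachment")
        else:
            if LOOKALIKE.search(text):
                signals.append("brand_lookalike")
            if re.search(r"allow\s+javascript|activex", text, re.I):
                signals.append("asks_to_enable_active_content")
    return signals

if __name__ == "__main__":
    print(phishing_signals(message_from_string(SAMPLE)))
```

No single signal is conclusive on its own; a filter would normally score them together before quarantining a message.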


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "The AI Fix" and "Smashing Security" podcasts. Follow him on Bluesky and Mastodon, or drop him an email.
