PayPal phishing – has your account been temporarily limited?

Phishing for passwords
Have you received an email, seemingly from PayPal, declaring that your account has been temporarily limited?

Plenty of people have been targeted by an attack which uses the subject line “Your account has been temporarily limited!” and claims to come from what appears to be an offiicial PayPal address.

Well, beware opening the attached reactivation form too quickly because you could be passing your personal information to cybercriminals.

Because the emails are bogus, and the headers are forged – all with the intention of stealing information from you.

Sign up to our free newsletter.
Security news, advice, and tips.

Your account has been temporarily limited!

Here is part of the text of that we are seeing being spammed out widely right now:

Dear PayPal account holder,

PayPal is constantly working to ensure security by regularly screening the accounts in our system. We have recently determined that different computers have tried logging into your PayPal account,and multiple password failures were present before the logons.

Sounds scary, eh? People on different computers have been trying to log into your PayPal account, and have been guessing at the passwords? Nasty!

Until we can collect secure information, your access to sensitive account features will be limited. We would like to restore your access as soon as possible, and we apologize for the inconvenience.

Those nice folks at PayPal are looking out for you! They’ve locked down the account because of all the attempted intrusions. Thank goodness!

Download and fill out the form to resolve the problem and then log into your account.

And sure enough, there is a form attached to the email. It’s called Restore_your_account_PayPal.html

But these emails and the form don’t really come from PayPal, and entering your confidential information into the form is only going to pass your private data to the cybercriminals behind this spam campaign who will use it to phish your account for money and perhaps steal your identity.

Sophos customers are proactively protected against this attack. You may not have fallen for it (the lack of graphics in the email body make it look less convincing than some of the PayPal phishing scams we often see) but you may have other loved ones and acquaintances who would be vulnerable to an attack like this.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.