Traditionally, phishing scams – including the seemingly endless stream of scam messages designed to steal your PayPal account details – have mainly been distributed via email.
But, of course, criminals are quite willing to use any means at their disposal to find new victims. And, increasingly, these criminals are turning to phone text messages to achieve their nefarious goals.
In this example, the scammers have sent out text messages purporting to be from the PayPal Team. The text warns that your PayPal account has been locked and urges you to follow a link to restore access. But, of course, the text message is certainly not from PayPal. If you click the link as requested, a fake PayPal webpage will open in your smartphone’s default web browser. The fake page, which includes the PayPal logo and formatting, will ask you to login to your account to rectify the supposed issue and ‘unlock’ your account.
If you do ‘login’ on the fake site, the cybercriminals can then steal your login details, use them to hijack your real PayPal account, and conduct fraudulent transactions in your name.
Keep in mind that PayPal will never send you a generic message, be it email or SMS, that requests you to click a link to login your account. Official PayPal messages will always address you by name.
PayPal has information about phishing scams and how to report them on its website.
An example of an SMS PayPal Scam: