A reader asked:
I received this message a few days ago. When I clicked on the link it started taking me through the process of filling out my name, etc… At the point when it asked for my credit card number I stopped, because it didn’t feel legit anymore. I sent paypal an e-mail asking for explanation of their limiting my account, but haven’t heard from them. When I just logged in, everything seemed okay. Do you think I should give them a call? Or just disregard it altogether?
The answer is that this is a SCAM.
The e-mail in question had an attached form that brought up a JavaScript form in a browser. PayPal would never ask for your information in this way. The form is an attempt to steal your information and PayPal password (which is connected to your credit and bank accounts!) through phishing, or using a real-looking page to trick the user into giving up private information. This is what the legit-looking phishing page looked like, complete with the PayPal logo and header at the top of the page:
If you ever receive one of these and you are not sure if it legit, your first response should be to go directly to paypal.com and log into your account (NOT through any link or through clicking on any e-mail). If you have a legitimate issue with your account, you will see a warning when you log in like this:
If you do not see any sort of error and your account is working normally, you should be fine.
And remember, if you ever mistakingly give your information to this type of scam, your first course of action should be to CHANGE YOUR PASSWORD IMMEDIATELY and watch for any suspicious activity in your PayPal activity log.
P.S. — This sort of scam is not limited to PayPal. I have seen these e-mails for every type of major bank, Netflix and Hulu accounts, Craigslist accounts, and even Google accounts. Be careful out there!
Do you have a burning tech question that you need answered? See this post for details on how you can get it answered for free this October.