ÉlevéActifTendance
High Risk
75%
PayPal Phishing Scam
Credential-harvesting pages impersonating PayPal login and dispute flows.
#phishing#financial#email
Aperçu de la menace
PayPal phishing remains one of the most reported financial lures. Attackers clone login pages, send fake payment alerts, and capture credentials plus MFA tokens through reverse-proxy kits.
Comportement d’attaque
- Spoofed payment notification emails
- Fake dispute resolution portals
- Real-time credential relay to attackers
Méthodes d’infection
- Email links
- SMS smishing
- Malvertising on search results
Symptômes et indicateurs
- Unexpected PayPal security alerts
- Login failures after visiting email links
- Unauthorized transactions
Atténuation immédiate
- Do not enter credentials from email links
- Report messages to PayPal and your email provider
- Change password from official app only
Guide de suppression
- Revoke active sessions in PayPal settings
- Enable hardware MFA
- Monitor linked bank accounts
Méthodes de prévention
- Use web protection and phishing modules
- Bookmark official login URLs
- Verify sender domains carefully
Indicateurs télémétriques
- Typosquat domains with paypal substring
- Newly registered SSL certs on lookalike hosts
Log in directly at paypal.com—never through email links. Legitimate messages appear in your PayPal message center when logged in.