Phishing emails and hoax websites ask you to click on links, contact them, or open attachments to update your account information, confirm your password or confirm a purchase you haven’t made. When you follow the links, the sites are unsecured, letting the fraudsters collect your login details and/or financial information.
Phishing scams almost always imitate well-known companies and include company logos, official-looking email templates, or phone call scripts similar to genuine company communications. There are some things to look for that can help you tell the difference.
If you’ve received a phishing email or stumbled across a hoax website, even if you’re not sure, forward it to us at phishing@paypal.com and we’ll investigate it. Make sure you forward the email (don’t send it as an attachment) so valuable tracking information about the source stays intact. Once done, delete the email permanently from your inbox – never click any links.
Be cautious when communicating with others through direct messaging as scammers may attempt to trick you into providing personal information. PayPal users should never share sensitive personal or financial information, for example: