One of our team members received a scam email from the legitimate support@paypal.com email address today. In addition to the sender being a legitimate PayPal address, valid links to PayPal were also included in the email.
So, where does the scam aspect come into play? Within the note there is a message (from the scammer) declaring that "PayPal has detected some unusual activity..." and the note goes on to list a phone number to call. This is NOT a valid phone number associated with PayPal. In fact, the phone number itself replaces the number one with the pipe character "|" and the number zero with the letter "O." This is done to circumvent the PayPal security measure that automatically removes phone numbers from notes.
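The digit substitution described above can be caught by normalizing look-alike characters before matching. The following Python sketch is an added example, not PayPal's filter or code from the original post: it compares a digits-only pattern with one that accepts look-alikes. The function names, the extra look-alikes ("l", "I", "o"), the thresholds and the sample note with its fictional number are all assumptions made for illustration.

```python
import re

# Look-alike characters mapped to the digits they imitate. The post names "|"
# for 1 and "O" for 0; "l", "I" and "o" are extra assumptions added here.
LOOKALIKES = str.maketrans({"|": "1", "l": "1", "I": "1", "O": "0", "o": "0"})

# Digits-only pattern: the kind of filter the substitution slips past.
DIGITS_ONLY = re.compile(r"(?<!\w)\+?\d[\d()\-. ]{8,}\d(?!\w)")

# Same shape, but look-alikes are accepted wherever a digit could appear.
WITH_LOOKALIKES = re.compile(
    r"(?<![A-Za-z0-9])[0-9|lIOo+(][0-9|lIOo()\-. ]{8,}[0-9|lIOo](?![A-Za-z0-9])"
)

def naive_find(note):
    """Return phone-like strings made of literal digits and separators only."""
    return [m.group() for m in DIGITS_ONLY.finditer(note)]

def find_phone_numbers(note):
    """Return (raw, digits, obfuscated) for each phone-like run in note."""
    hits = []
    for match in WITH_LOOKALIKES.finditer(note):
        raw = match.group()
        real = sum(ch.isdigit() for ch in raw)
        digits = re.sub(r"\D", "", raw.translate(LOOKALIKES))
        # Heuristic (assumption): 10-15 digits after normalisation, at least
        # half of them real digits, so runs of plain letters are not flagged.
        if 10 <= len(digits) <= 15 and real * 2 >= len(digits):
            hits.append((raw, digits, real < len(digits)))
    return hits

# Constructed sample note; the number is fictional (555-01xx range).
SAMPLE_NOTE = ("PayPal has detected some unusual activity. "
               "Call +| (8O8) 555-O|42 to dispute this charge.")

if __name__ == "__main__":
    print("digits-only filter:", naive_find(SAMPLE_NOTE))
    for raw, digits, obfuscated in find_phone_numbers(SAMPLE_NOTE):
        print(f"{raw!r} -> {digits} obfuscated={obfuscated}")
```

A hit with `obfuscated=True` is a stronger signal than a plain phone number, since a legitimate sender has no reason to disguise digits.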
Additionally, the email appears to be using a BCC to include other recipients besides the person in the To: field. The NRC team member who received this was not the primary recipient, so this was another red flag.
As always, if you're concerned about unusual activity on any of your accounts, the best practice is to avoid clicking on links sent via email and to go directly to the known legitimate site for that account in your web browser of choice. It's also wise to avoid calling phone numbers sent in emails. Only use known phone numbers or look them up on the official website of the company in question.