A PayPal text message phishing campaign is underway that attempts to steal your account credentials and other sensitive information that can be used for identity theft.
When PayPal detects suspicious or fraudulent activity on an account, the account will have its status set to “limited,” which will put temporary restrictions on withdrawing, sending, or receiving money.
A new SMS text phishing (smishing) campaign pretends to be from PayPal, stating that your account has been permanently limited unless you verify your account by clicking on a link.
“PayPal: We’ve permanently limited your account, please click link below to verify,” the smishing text message reads.
Clicking on the enclosed link will bring you to a phishing page that prompts you to log in to your account, as shown below.
If you log in on the phishing page, the entered PayPal credentials will be sent to the threat actors. The phishing page then goes a step further as it will try to collect further details from you, including your name, date of birth, address, bank details, and more.
The collected information is used to conduct identity theft attacks, gain access to your other accounts, or perform targeted spear-phishing attacks.
Yesterday, two other people I know received these phishing texts, so it is a very active campaign, and everyone needs to watch out for these messages.
Smishing scams are becoming increasingly popular, so it is always important to treat any text messages containing links as suspicious. As with all phishing emails, never click on suspicious links, but instead go to the main site’s domain to confirm if there is an issue with your account.
What should you do if you enter info at this link?
If you received this text and mistakenly logged into your PayPal account or provided other information, you should immediately go to Paypal.com and change your password.
If you use that same password at other sites, change them there as well.
Taken from Portal: https://www.bleepingcomputer.com/