PayPal phishing attack warns your account has been limited

I received an email seemingly from PayPal informing me that access to my account has been limited. It threw me off because I received this at my work email, which is not registered with PayPal. I immediately wondered if my account got hacked. Here is a screenshot of the email:

Image 1: Bogus phishing email example from PayPal

The “Click to Confirm” link redirected me to a legitimate-looking PayPal homepage that mimics their current website design.

Image 2: PayPal homepage look-alike used to conduct phishing attacks

Examining the structure of the target URL revealed a different domain – and not


Interestingly enough, some of the links on the copycat homepage point to the official PayPal website. For example, the “Buy” hyperlink points to the correct hxxps:// URL. By doing this, the cybercriminal is attempting to fool unsuspecting users into believing that the site is legitimate. Like many other phishing emails, this attack’s intention is to trick you into handing over your PayPal account details, including a credit card number.

One way to check if there is a problem with your account is to type the URL directly into your web browser and log in as usual. If any legit security messages or account alerts exist, they will be clearly visible via the PayPal messaging system. Here is another example of a PayPal phishing email:


Image 3: Another example of a PayPal phishing email

The hyperlinks in the email (image 3) redirect to the same, bogus hxxp:// URL, which is nothing more than a phishing website.

Here are five simple tips to avoid being defrauded by phishing emails:

1. Check all hyperlinks within the email and verify that they point to the parent domain of the brand mentioned in the message. In this case, the hyperlinks should all be under the domain.

2. Be wary of sub-domains, such as While it is common for brands to utilize sub-domains for legit reasons, cybercriminals can also leverage them to conduct phishing attacks.

3. If the email contents or the information being conveyed look suspicious, go directly to the site and log in. Information regarding pending transactions or issues with your account is typically visible in your dashboard.

4. If you receive a notification at an email address not registered with PayPal, it is probably a good idea to ignore it.

5. When in doubt, STOP. THINK. CONNECT. ™
