The safety and security of PayPal users is always our priority. In times of unrest and uncertainty, spammers and scammers around the world will try to take advantage of these vulnerabilities, so it’s important to stay vigilant and protect yourself from such attempts. Below are a few tips to help you stay protected while transacting online.
Industry statistics show that many people reuse the same password everywhere and for those who don’t, most have only three or four passwords for their various accounts. This is why it’s important to have passwords that contain a variety of letters, symbols and numbers. Having a simple password means that you are more vulnerable to malware, phishing and identity theft. Don’t use information that could be found on social media in your passwords such as your pet’s name, children’s names, favorite football team, your name, birthday, driver’s license numbers or phone numbers. Can’t remember all your passwords? You can find reputable password managers online that can manage that for you at little to no cost.
2-step verification (2FA) and mobile PIN
Setting up 2-step verification and a mobile PIN adds a second layer of security to your online account. Login to PayPal and click the settings icon in the top right-hand corner of the screen. Click the ‘Security’ tab to set up a mobile PIN and 2-step verification.
How to spot fake, fraudulent, spoof or phishing emails
Phishing is a form of social engineering that attempts to steal sensitive information by posing as a legitimate institution fishing for your personal details. The attacker’s goal is to compromise systems to obtain usernames, passwords, and other account or financial data. While phishing is frequently accomplished by email, it can also be used via phone and text message.
When you aren't sure if you can trust a communication from PayPal, here are a few guidelines that can help you spot the real from the fake. Below are common practices seen in phishing attempts to watch out for.
If you suspect you’ve been a target of a PayPal phishing scam, forward the entire phishing email or spoof site information to firstname.lastname@example.org. Do not alter the email subject line and do not forward the message as an attachment. Please delete the email from your email account immediately after. To forward a text exchange, follow these steps:
Unauthorized account activity
If you think someone has used your account without permission, report it to PayPal immediately and we’ll help protect you as much as possible. If reported within 60 days of when the transaction appeared on your account statement, PayPal can protect you with $0 liability for eligible unauthorized transactions.