The email comes in the form as a “new message” from PayPal and claims that an error has been detected in the recipient’s PayPal account and he or she must submit an attached form verifying his or her details or risk having the account suspended.

The email is not from PayPal. The claim that there is a problem with the recipient’s account is nothing but a scam to try and fool a person into submitting PayPal account details to Internet criminals. Any information entered on the bogus form can be collected by criminals and used to hijack the user’s PayPal and credit card accounts.

Example Email

Subject: You have a new message from PayPal !

Dear PayPal Customer,

During our regularly scheduled account maintenance and verification procedure we have detected a slight error in your PayPal online account.

This might be due to the following reasons:

1. A recent change in your personal information (ie. change of address, email address)

2. An inability to accurately verify your selected option of payment due to an internal error within our systems.

Please fill in all the details that are required to complete this verification process.

To do this we have attached a form to this email. Please download the form and follow the instructions on your screen. NOTE: The form needs to be opened in a modern browser which has javascript enabled (ex: Internet Explorer 7, Firefox 3, Safari 3, Opera 9)

Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.

If you choose to ignore our request, you leave us no choice but to temporary suspend your account.

Sincerely, PayPal Account Review Department.

Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the “Help” link in the footer of any page.

The message is a Phishing scam and certainly is not from PayPal.

These scammers are getting smarter by re-engineering tactics that were previously used in other scams. The most popular trick is address spoofing and masked links to make email messages to look more legitimate. They will use PayPal logos and other graphics stolen from the genuine PayPal website to make the email look like genuine.

PayPal will never send you an unsolicited email asking you to submit account log in details, bank or credit card details or other personal information such as your full name and driver’s license numbers.

Criminals commonly target popular websites and especially those who provide business transactional services such as PayPal. If you come across such an email, delete it.