Identifying phishing scams
Fraudsters may impersonate PayPal China to gain your trust to steal your account and password information. For your security, we recommend understanding what phishing is and how to identify a phishing attempt.
What is phishing?
Phishing is the attempt to steal your information. Fraudsters often pose as large companies to collect sensitive information, such as your ID card, credit cards, savings cards and bank information, as well as account credentials. Common phishing methods include emails, SMSes, phone calls and websites.
How phishing works
Sending phishing emails is one of the common tactics used by the fraudsters:
Fraudsters often claim to be from a renowned company to lure you into clicking a link or calling a number.
Fraudsters may ask you to fill out a form or click a link that redirects to a phishing website.
Phishing websites often mimic real websites, making it difficult to tell them apart.
Phishing emails can infect your computer with virus by luring you into opening attachments or visiting websites.
Common types of phishing
What is email phishing?
Fraudsters often send emails using a recognized company's official logo and email templates.
How to identify and protect yourself from phishing emails?
Here are some tips for you to identify the email authenticity:
The emails we send usually contain the exact full name associated with your account.
Check the content for grammatical and spelling errors.
You can hover over the link (don't click on it) and double check if the content displayed in the link matches what is mentioned in the email. If the content does not match, do not click on the link.
If you receive an attachment from PayPal China, please check the file name and extension carefully for any suspicious anomalies before opening it.
Fraudsters may claim that your account has been stolen and will be blocked if you do not take prompt action. You can verify this by logging in to your account on the PayPal China website.
If you are not sure if the PayPal China email you received is from a fraudster, we recommend that you do not click on any links in the email. Simply log in to your PayPal China account and check if you have received any urgent notifications.
Case Study I
You receive an email falsely claiming to be from PayPal China that reads, "Your order #ZK04769 has been confirmed for shipment tomorrow, please click on the link below to view your order details." But you have never placed an order before. Out of curiosity, you click on the link, wanting to log in to see what it says, but you realize that the link redirects you to a phishing website.
What should I do if I encounter a phishing attack?
01. Use website security rating tools
Some website security rating tools can keep you safe online by collecting reports of problematic sites and rating them, warning you before you click on a URL. However, even with website security rating tools, we still have to be on the lookout for suspicious links, as fraudsters will update phishing sites in real time, making it difficult even for such tools to detect every problematic link with 100% accuracy.
02. Protect yourself after encountering a phishing attempt
If you feel that you have clicked on a phishing email, text message or website, take the following steps:
Run an anti-virus scan immediately. Make sure to use the latest system and antivirus software.
Change your PayPal China account password and security questions immediately. We recommend that you do the same for your email account and other online accounts.
Keep a close eye on your account balance for any anomalies over the next few months.
