Share article:
Share article:

Warning: Scammers targetting PayPal customers in Belgium

© Bench Accounting via Unsplash

The online payment platform PayPal has warned users in France and Belgium of a new scam by which crooks try to harvest your personal and financial details using a fake email.

The technique is known as phishing, and involves criminals posing as a trusted entity like a company in order to gain your trust and convince you to hand over details that will then allow them to crack your financial accounts.

Typically, that takes the form of an email explaining some catastrophic breakdown, and asking you to follow a link where you are asked to provide crucial details such as email password, account password or bank details.

The phishing email looks official, with a PayPal logo, and reads as follows (but in French):

Your account is the subject of suspicious transactions. We have temporarily restricted your account due to this suspicious activity until the issue is resolved. If you have not authorised this transaction, please dispute the transaction as soon as possible by clicking the button below.”

Standard practice for the scammers is first of all to sow the seeds of panic in the mind of the recipient, knowing that a panic reaction immediately makes the recipient less wary of possible risk. The message concludes by suggesting an easy solution: click on a link and all will be well.

Of course the recipient disputes the transaction listed, as it has been invented by the thieves and never took place. But once they have visited the link concerned, they are vulnerable to other kinds of fraud, including the installation of malware.

Despite appearances, there is one way to check if the email is really from PayPal or from fraudsters: the headers will reveal that the mail is coming from an @skynet address.

PayPal warns recipients that it always sends communications to customers from an @paypal address, and certainly not from Skynet – an old domain owned by Proximus.

The platform advises recipients to report the email to the authorities via safeonweb.be, then delete it.

Alan Hope
The Brussels Times