Scammers are targeting email inboxes in a sophisticated phishing scheme that impersonates multiple businesses. These emails appear authentic, with logos, graphics, and footers designed to mimic email from a well-known company. However, it’s fraudulent. This is a common tactic scammers use to steal your personal information.
How the scam works
You receive an email that seems to be from a verified business stating you have an unauthorized transaction. To resolve this, the email advises you to contact the respective business’ customer service team by providing a fake number or email.
The email might also include a message prompting you to review and sign a document. The email doesn’t state what the document is for or why you need to sign it.
In reality, the email is fake and attempts to get you to click on suspicious links or to call bogus customer service telephone numbers to try to steal your personal or financial information.
Tips to avoid email phishing scams
Common phishing attempts can take on many forms as scammers attempt to take advantage of people’s trust in many well-known brands. Receiving an email about an unauthorized payment on your account can cause panic and stress. Scammers often try to pressure you to act right away without thinking.
Before you act on the email, stay calm and take a moment to walk through the following suggestions on how to protect yourself online.
- Don’t click, download, or open anything from the email. Phishing emails attempt to access your personal information or install malware on your devices with bad links and attachments.
- Verify the claims in the email on your own. If you receive a suspicious email saying an unauthorized payment was made to one of your financial accounts, verify the claim on your own. Do not click any of the login links or contact any of the phone numbers or email addresses included in the email. Go to your financial institution or company’s website on your own and log in to your accounts to check them there. You can also call the number listed on the company’s website to verify the transactions.
- Never give out your personal information. If you receive a suspicious email, do not call any listed phone numbers, reply, open links, or download attachments. PayPal customer service will never ask customers for certain personal information, their password, SMS verification codes, or financial details by email, text message, or over the phone. Be wary if you are asked to provide these details.
- Get a second opinion. If you’re still unsure about the validity of the email, call a friend, loved one, or your local BBB to ask for a second opinion. You can also search on BBB Scam Tracker to see if others have reported receiving a similar suspicious email.
- Report and flag emails. PayPal recommends reporting any phishing emails to the security team by forwarding them to phishing@paypal.com and then deleting them. Suspicious emails can also be flagged directly to email providers.