Twitter-verse beware: there’s a new PayPal scam that is cropping up all over Twitter. A phishing scheme is sending around what looks like a valid support request through fake Twitter profiles to gain access to your PayPal login. User be warned: if you do receive such a request, it’s almost surely a fake.
While their Twitter pages look legit, these scammers are currently using names like AskPayPal_Tech or AskPayPal. (NOTE: these two accounts have, as of this posting, been suspended by Twitter.) Data theft scams are usually pretty easy to spot, especially because of typos, poor grammar, and that the pages were created within the last 30 days. Please note that this is the actual PayPal Twitter account here: https://twitter.com/PayPal.
New and Sophisticated Angler Phishers Find Unsuspecting Consumer
This new type of phishing scam, called Angler Phishing, detects when Twitter users have Tweeted PayPal, and other services, looking for customer support. Because the customer in question is expecting a response, trusting customers are then entering their personal data into the fraudster’s message which could also include private details like credit card and banking information. The resulting data theft then gives the phishers access to personal financial transactions before the consumer realizes what’s happened.
PayPal and Twitter are actively monitoring these fake accounts to protect their customers’ identities. In general, however, because it’s the Internet, and social media, people should adopt a general “buyer beware” attitude and report any suspected activity to PayPal before you act or send over any private details. This Twitter PayPal scam is just the latest in a long line of scams that pop up in your email, across social media, and all over the web on a regular basis.
PayPal even created a page to help their customers better detect spoofs and phishing emails. If you have contacted PayPal via any of their social media platforms and are concerned that you’ve been pinged by a trickster, you can send an email to firstname.lastname@example.org so their security team can vet it and, if it is a fake, work with Twitter et al to shut it down.
PayPal Scam Security Tips
It’s very unlikely that PayPal, or any other financial institution, will ask you to confirm or enter any private information anywhere other than when you’re logging in. Also, look for other awkward and strange language in messages and emails like “Greetings” or “Welcome, Customer.” Expect that you will see official company logos and other design elements that are made to fool you. As always, if you have any suspicions, contact the company’s customer support team immediately.