PayPal Customer Review Team Warning of Unusual Charges-Fiction! & Phishing!


Summary of eRumor:

This is an email allegedly sent from PayPal that says they have detected unusual charges on the credit card that is linked to the PayPal account.  The email warns that the account has been limited and comes with a compressed file attached for the reader to open and confirm the account.

The Truth:

This is an impressive looking phishing scam with a sense of urgency that could trick the reader into replying and divulging all sorts of personal information.

Take a look at the image below then scroll down for tips to help you spot a possible phish:

How to Spot a Phish:

We found some clues in the message that helped us to determine that this was a fraudulent email.

The first one was obvious, the sender address was not from a email address.

The email said that there were unusual charges on the credit card linked to the PayPal account.  Usually, it is the bank who issued the credit card that would send such a notice, not PayPal.

Also, PayPal does not normally send emails to a customer using BCC or undisclosed-recipients.  PayPal would never send such a notice address to “Dear Valued Member.”  If the online payment site sends an email notification to a client they will address the recipient by the name that the customer used to register the account. has a comprehensive guide on their site on how to spot phishing.  Click here for guide.

This email is a new and improved version of and older phishing scam disguised to look like it came from PayPal.  Click here for old scam.

updated 06/07/12

A real example of the eRumor as it has appeared on the Internet:

-This email has been sent by PayPal’s Customer Review Team. Please read it carefully.-

Dear Valued Member,

Unusual charges were recently detected to a credit card linked to your PayPal account.
Due to this, access to your account was limited.

There were numerous log-in attempts by an unauthorized user to your account.
To ensure greater security, we have limited access to your account. We have attached a file
in this e-mail for you that will verify that you are the legitimate account holder (owner).
Please download and open it in your browser.

(This security breach issue may be found under reference PP # 684-883-552)

Thank you for your immediate attention to this matter. Please understand that this
is a security measure taken by our security team intended to protect you and your account. We apologize
for any inconvenience.

PayPal Customer Review Team – 2012