Threat Intel Flash: Sisense Data Compromise: ARC Labs Intelligence Flash

Get the Latest


PayPal SMS Phishing Scam

A PayPal text message phishing campaign is currently underway that is attempting to steal login credentials and other personal information that can be used for identity theft. When PayPal detects suspicious activity on a user’s account, the company will set the account to “limited” which puts temporary restrictions on withdrawing, sending, or receiving money. The new SMS text phishing campaign (smishing) pretends to be PayPal stating that an account has been placed on “limited” status and provides a link to enter login credentials to verify the account. The message reads, “PayPal: We’ve permanently limited your account, please click the link below to verify.” The links direct the user to a very official-looking page that immediately asks for the login credentials and if entered, leads the victim to a second page that asks for more details that include the user’s name, date of birth, address, banking details, and more. If an unsuspecting victim enters this information, it is sent to the attacker to use in a multitude of attacks, including but not limited to, credential stuffing, identity theft, targeted spear-phishing attacks, and more.

Analyst Notes

As with any email or text message that includes a link, the enclosed link should never be used. To check if a recipient’s PayPal account is restricted, the user should go to the official PayPal page which is located at instead of following an embedded link. If someone has fallen victim to a scam like this, the victim should immediately change their login credentials for that service and any that match it. The victim should also closely monitor their financial institution and credit report for any malicious activity.

Source Article: