Go to top of page

Fake Paypal emails request account details

Priority Level: 
High
29 March 2019

What’s happened

The Australian Cyber Security Centre is aware of malicious emails that are falsely telling Australians that their account has violated PayPal rules.

These phishing emails try to lure people into sharing their personal information which could then be used for identity theft and financial gain by cybercriminals.

The email says their PayPal account will be permanently disabled within 48 hours unless the user logs-in using the link provided within the email to ‘update account details’ and ‘activate your account’.

The link sends you to a fake PayPal login portal where your details will be captured by cybercriminals.

How do I stay safe?

If you receive the email:

  • Do not click on the link.
  • Do not enter any information.

You should forward the email to phishing [at] paypal.com.au and can find more information and advice on the Paypal website.

More information

Read more on protecting yourself from phishing – including what to do if you think you have revealed confidential information.

Find out where to get help if you believe you have become a victim of a scam.