Threat Database Phishing 'PayPal - Order Has Been Completed' Email Scam

'PayPal - Order Has Been Completed' Email Scam

Upon inspection of the "PayPal - Order Has Been Completed" email, it has been determined that it is a fraudulent message. The email is designed to appear as a notification from PayPal, indicating that a purchase has been successfully made. However, the purpose of this spam email is to deceive its recipients into calling the provided helpline number, which is part of the tactic.

It should be noted that this email is not affiliated with PayPal Holdings, Inc. in any way. This means that the company did not send this email, nor is it responsible for any fraudulent activities that may occur as a result of interacting with the provided helpline number. Recipients of this email should not respond to it or provide any personal information to the sender or the provided helpline number. Instead, the email should be deleted immediately to avoid any potential harm.

The 'PayPal - Order Has Been Completed' Email Scam Takes Advantage of Unsuspecting Victims

The spam email that has been circulating with a subject line such as "Thank you for being Paypal's customer!" (subject line may vary) has been found to be a fraudulent purchase notification. It claims that the recipient has made a purchase of 756.40 USD worth of the Bitcoin cryptocurrency (at 0.000043 USD/BTC exchange rate) via PayPal. The email warns the recipient that if they do not recognize this purchase, they should contact the provided telephone number immediately to restrict the transfer of Bitcoins, as such transactions are irreversible.

However, this email is fake and has no association with PayPal Holdings, Inc. It is a callback tactic that can take on various forms to trick victims. These tactics related to purchases are often disguised as refund or technical support tactics. The cybercriminals behind these tactics usually request remote access to the victim's device through software like AnyDesk, TeamViewer, UltraViewer, etc. Once connected, the fraudsters can remove genuine security tools, install fake anti-virus software, collect data, and even infect the system with malware, such as Trojans, ransomware, cryptocurrency miners and other unsafe software.

The Consequences of Falling for a Tactic like the 'PayPal - Order Has Been Completed' could be Severe

Fraudsters prefer to use payment methods that are difficult to trace, such as cryptocurrencies, gift cards, pre-paid vouchers, or cash concealed in packages that appear innocent and shipped. In addition, phishing tactics like the "PayPal - Order Has Been Completed" also may target victims' cryptocurrency wallets, which can lead to the theft of these assets.

Moreover, cybercriminals target various sensitive information, including personally identifiable information such as names, addresses, and occupations; login credentials for online banking, money transferring, e-commerce, and cryptocurrency wallets, as well as finance-related information, such as bank account details and credit card numbers.

To obtain this information, the fraudsters may trick victims into revealing it over the phone, entering it into a phishing site or file, or typing it where the criminals claim they cannot see it. Additionally, they may use malware to collect data.

In summary, emails like 'PayPal - Order Has Been Completed' can lead to system infections, serious privacy issues, financial losses, and even identity theft, which highlights the importance of being vigilant and taking measures to protect sensitive information.


Most Viewed