Skip to main content

Avoid These Bogus, Login-Stealing PayPal Twitter Accounts

If you have a customer support question for PayPal, consider using the phone or email. On Twitter, scammers are using a method called angler phishing to steal credentials, according to security firm Proofpoint.

Credit: ymgerman / Shutterstock.com

(Image credit: ymgerman / Shutterstock.com)

The attackers wait for someone to ask the official @PayPal account for assistance (or simply rage about something that requires support, as you do on Twitter), and then swoop in using a fake account. Often times, they'll use a word like "ask" in the handle in an attempt to appear legitimate. These accounts provide links that they claim will help with problems, but they require logins. These login pages may appear official and even include PayPal's logo, which makes it look real, but the forms are stealing usernames and passwords.

MORE: 10 Worst Online Scams and How to Avoid Them

PayPal's actual Twitter accounts, @PayPal and @AskPayPal, are both verified. If you're dealing with the company's customer support on Twitter, be sure to look for the blue checkmark.

Users who fall for the scam, though, may assume the attackers are the real deal. After all, they've already reached out to PayPal on Twitter and are expecting an account. So remember, don't click on links unless you know who they're coming from, and don't submit usernames and passwords when you didn't initiate the login process yourself.

PayPal and Twitter are reportedly working together to resolve the problem.