Paypal phishing scam offering Tesco voucher could drain bank account

Cost of living scams: Expert reveals what to look out for

We use your sign-up to provide content in ways you’ve consented to and to improve our understanding of you. This may include adverts from us and 3rd parties based on our understanding. You can unsubscribe at any time. More info

The latest scam to hit Britons is targeting PayPal users by emailing them an offer to claim a fake £500 Tesco Clubcard voucher through the user’s Paypal account. The email has infact been sent by scammers posing as the online payments platform Paypal. The email then provides a link that scammers will claim a person will need to click on to receive the Tesco Clubcard reward.

Once logged in, the scammers will then have access to bank accounts, any cards associated with the person’s Paypal account, as well as personal information. 

The scammers are then given the power and ability to clear out the account.

The scam works in the same way as the ‘Royal Mail scam’ does which became common last year. 

The warning comes from the payment provider Dojo who states that scammers are getting “more creative with their deceit”. 

Naveed Islam,  chief Information Security Officer said: “With the rise in e-commerce accelerated by the global pandemic, seasoned fraudsters are seizing the opportunity to exploit the vulnerable and less-tech savvy.

“For the many people adopting technologies such as online banking and shopping for the first time during COVID-19, these frauds are incredibly convincing and traumatic.”

Dojo is urging Britons, especially small business owners, to stay vigilant with these types of emails.

This is because the group’s research found that Google searches for “PayPal scam email 2022” have soared by 1,800 percent over the last 12 months.

Alongside its findings the group has issued top tips for spotting a phishing email.

If someone receives an email like this, people should first check the sender’s email address.

Dojo states: “Often scammers will use a suspicious email address that includes words that don’t relate to the company they impersonate or lots of numbers.

“Check for poor spelling and grammar, or mistakes to the company’s name

“Although some fraudulent emails are highly sophisticated, many of them can be poorly worded and there are some tell-tale signs they’re not legitimate.”

READ MORE: Premium Bonds: NS&I announces September 2022 winners – have you won £1million prize?

Britons should also be on the lookout for the formatting of the email. 

This is because a lot of companies send legitimate emails from a templated third-party system which “can be difficult for scammers to replicate”. 

This means if someone receives an email which includes plain-text emails with no branding or brand logos replicated in low resolution it could possibly be a scam.

Dojo recommends people look back at their inboxes to see if the email matches the company’s typical communication designs.

The group urges Britons to not rush into the demands in emails they have received.

It said: “Often scammers thrive from creating a sense of urgency and panic from the recipient. They will use scare tactics or threatening language to make you rush into doing something.

“Whether it’s clicking a suspicious link or providing your personal data, you should take some time to review the email and research its legitimacy before taking any actions.”

If someone has already clicked the link, Dojo states they should “immediately check the URL” and should not log in anywhere as scammers can capture someone’s details and can take over a person’s device remotely.

Mr Islam added: “Your bank, or any other business or organisation, will never ask you to share personal information over email or text. The best advice is to confirm if it’s genuine by contacting them directly using contact details from their legitimate website.

“One of the more concerning aspects about these latest scams is that scammers are making it less obvious by not informing you about fees or payment until you click through on the link, meaning more people may unknowingly fall for the scam.”

If someone has fallen victim to a scam, Dojo states they should contact their bank or building society immediately so they can provide specialist support from their scam unit.

People can also contact Action Fraud and forward the email as an attachment so they can investigate. 

Britons should also report suspicious emails to [email protected] .

Source: Read Full Article