When I received the email with this subject heading: Your Account Has Been Limited Case ID 8001512-104, my first thought was to delete it, knowing full well this is not from PayPal.
But then I decided that perhaps I should show an example of what a phishing scam looks like, so you can see first-hand WHAT NOT TO CLICK ON.
First of all, check out the return email address first. It does not say @paypal.com, and if it did, PayPal will never email you with an issue or get you to click a link.
PayPal has an email set up specifically for this kind of occasion. Whenever you receive a suspicious email purporting to be from PayPal, forward the whole message here: email@example.com. This is how they shut the bad guys down.
I did just that with the email above and immediately got this response from PayPal — the REAL PayPal:
Thanks for forwarding that suspicious-looking email. You’re right – it
was a phishing attempt, and we’re working on stopping the fraud. By
reporting the problem, you’ve made a difference!
Identity thieves try to trick you into revealing your password or other
personal information through phishing emails and fake websites. To learn
more about online safety, click “Security Center” on any PayPal webpage.
Every email counts. When you forward suspicious-looking emails to
firstname.lastname@example.org, you help keep yourself and others safe from identity
Your account security is very important to us, so we appreciate your
This email is sent to you by the contracting entity to your User
Agreement, either PayPal Ince, PayPal Pte. Ltd or PayPal (Europe) S.à
r.l. & Cie, S.C.A. Société en Commandite par Actions, Registered Office:
5th Floor 22-24 Boulevard Royal L-2449, Luxembourg RCS Luxembourg B 118
Thank you for being a proactive contributor by reporting
suspicious-looking emails to PayPal’s Abuse Department. Our security
team is working to identify if the email you forwarded to us is a
Paypal Will Always:
– Address our customers by their first and last name or business name of
their PayPal account
Paypal Will Never:
– Send an email to: “Undisclosed Recipients” or more than one email
– Ask you to download a form or file to resolve an issue
– Ask in an email to verify an account using Personal Information such
as Name, Date of Birth, Driver’s License, or Address
– Ask in an email to verify an account using Bank Account Information
such as Bank Name, Routing Number, or Bank Account PIN Number
– Ask in an email to verify an account using Credit Card Information
such as Credit Card Number or Type, Expiration Date, ATM PIN Number, or
CVV2 Security Code
– Ask for your full credit card number without displaying the type of
card and the last two digits
– Ask you for your full bank account number without displaying your bank
name, type of account (Checking/Savings) and the last two digits
– Ask you for your security question answers without displaying each
security question you created
– Ask you to ship an item, pay a shipping fee, send a Western Union
Money Transfer, or provide a tracking number before the payment received
is available in your transaction history
Any time you receive an email about changes to your PayPal account, the
safest way to confirm the email’s validity is to log in to your PayPal
account where any of the activity reported in the email will be
available to view. DO NOT USE THE LINKS IN THE EMAIL RECEIVED TO VISIT
THE PAYPAL WEBSITE. Instead, enter www.paypal.com into your browser to
log in to your account.
What is a phishing email?
You may have received an email falsely claiming to be from PayPal or
another known entity. This is called “phishing” because the sender is
“fishing” for your personal data. The goal is to trick you into clicking
through to a fake or “spoofed” website, or into calling a bogus customer
service number where they can collect and steal your sensitive personal
or financial information.
We will carefully review the content reported to us to certify that the
content is legitimate. We will contact you if we need any additional
information for investigating the matter. Please take note to the
security tips provided above as they may help to answer any questions
that you may have about the email you are reporting to us.
Help! I responded to a phishing email!
If you have responded to a phishing email and provided any personal
information, or if you think someone has used your account without
permission, you should immediately change your password and security
You should also report it to PayPal immediately and we’ll help protect
you as much as possible.
1. Open a new browser and type in www.paypal.com.
2. Log in to your PayPal account.
3. Click “Security and Protection” near the top of the page.
4. Click “Identify a problem.”
5. Click “I think someone may be using my account without permission.”
6. Click “Unauthorized Account Activity.”
Thank you for your help making a difference.
Every email counts. By forwarding a suspicious-looking email to
email@example.com, you have helped keep yourself and others safe from
The PayPal Team
Please do not reply to this email. If you need to follow up, please
follow the steps above to access your account and utilize the Contact Us
resources from our site.