There are many PayPal scams around, but the “Your Account Paypal has been limited” scam is one of the nastiest. It’s a basic phishing scam that sends out email messages in bulk.
So many people now have PayPal accounts, that this random targeting means that many PayPal users receive the emails, and some of them get them in the email account they use for PayPal. Add to that the fact that the email has a PayPal logo in it and it’s easy to see how you could be fooled into thinking it was legitimate. Phishing scams like this rely on scaring users into not thinking clearly and acting immediately. In this case, if you have funds in your account, you’re likely to want access to your account straight away. The purpose of the email is to steal usernames and passwords, so if you click on the link in the email, it takes you to a fake site and asks you to type in your details.
What does the "PayPal account limited" email say?
The text of phishing emails is often poorly worded and contains spelling and grammatical errors. It’s one of the ways you can tell a phishing email from a legitimate message. In this case, the email says:
“Your Account PayPal Has Been Limited !
To get back into your PayPal account, you'll need to confirm your identity.
Click on the link below or copy and past the link into your browser.
Confirm that you're the owner of the account, and then follow the instructions.”
The grammar is pretty good in the body of the email, but the headline is poorly worded — “PayPal” and “Account” are the wrong way round. And notice that the word “paste” is spelled incorrectly. That’s one clue this is a scam. Another clue is that most organizations will address you by name, rather than “Dear Customer”.
Below the text of the email is a link that points to a .ma domain. Those are Morocco country codes and there appear to have been several similar URLs, all with Morocco country codes. If you were to click on the link in the email and arrive at one of those sites, you would be asked for your PayPal email address and password and then perhaps even your credit card details.
How to avoid being phished
PayPal provides a number of tips on how to spot phishing emails. We’ve already covered some of them here, such as looking at the sender address and looking out for a generic greeting such as “Dear Customer”, as well as checking for poor grammar and spelling mistakes.
PayPal also says it will never ask you to send sensitive information by email and that if it needs you to confirm your password, it will ask you to log in to your account. So there’s no reason to ever click on a link in an email that looks like it comes from PayPal. If you want to check on the destination link in any email, you can hover over it with the mouse pointer to see the real address.
You should also be wary of emails that generate a sense of urgency, like the Paypal account has been limited scam, which tries to make you think your account is at risk.
What should I do if I clicked a link?
First, contact PayPal and tell it you think your account may have been compromised. Also, change your password immediately.
After that, it’s worth scanning your computer for malware. There are lots of antivirus tools that will do this for free. But if you have a Mac, one of the easiest ways is to use the malware utility in CleanMyMac X, which has an up-to-date database of the latest malware.
Download CleanMyMac X (for free!)
Launch the app.
Click the Malware Removal tab.
Click Clean to remove the malware threats.
Done! CleanMyMac’s database is constantly updated to make sure that all the recent adware, spyware, worms, and viruses could be detected and removed for good. Download the app and scan your Mac for any vulnerabilities and threats.
The "Your Account PayPal Has Been Limited" phishing email is designed to scare you into clicking a link and supplying sensitive information. Don’t. Instead, either delete the email or mark it as junk and forget about it. If you’re worried about your PayPal account, log into it and change your password. And if you’re worried about malware, scan your computer using and antivirus tool or CleanMyMac X.