Overview
- A fresh barrage of PayPal‑branded emails claims accounts are restricted or at risk of suspension unless identity is confirmed within 48 hours.
- The messages copy PayPal’s design, use generic greetings, and push recipients to click links that lead to convincing fake sites to steal credentials.
- Germany’s Verbraucherzentrale has issued new warnings, and PayPal notes genuine messages include the recipient’s full name and do not request passwords via links.
- Similar phishing is hitting bank customers, with fake notices targeting Volksbank users about VR‑SecureGo updates by October 9 and Targobank users about easyTAN within 24 hours.
- Guidance from consumer groups advises marking such emails as spam, avoiding links and attachments, checking accounts directly in the official app or website, contacting PayPal or the bank if data was shared, and filing a police report if necessary.