Security News Beware: PayPal "New Address" feature abused to send phishing emails


Level 85
Thread author
Honorary Member
Top Poster
Content Creator
Apr 24, 2016
An ongoing PayPal email scam exploits the platform's address settings to send fake purchase notifications, tricking users into granting remote access to scammers

For the past month, BleepingComputer and others [1, 2] have received emails from PayPal stating, "You added a new address. This is just a quick confirmation that you added an address in your PayPal account."

The email includes the new address that was allegedly added to your PayPal account, including a message claiming to be a purchase confirmation for a MacBook M4, and to call the enclosed PayPal number if you did not authorize the purchase.

"Confirmation: Your shipping address for the MacBook M4 Max 1 TB ($1098.95) has been changed. If you did not authorize this update, please reach out to PayPal at +1-888-668-2508'," reads the scam email.

The emails are being sent directly by PayPal from the address "," causing people to be concerned their account was hacked.

However, those who received this email confirmed that no new addresses were actually added to their accounts. In our case, the scam email was sent to an email address with no PayPal account.
Therefore, if you receive a legitimate email from PayPal stating you updated your address, and it contains a bogus purchase confirmation, simply ignore the email and do not contact the listed phone number as it belongs to the scammer.

To be safe, instead, log into your PayPal account and confirm no additional addresses were added, and if not, junk the email.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.
