Just had an email which appears to be from PayPal. Has the logo and comes from service@secure.com
The first line says “Your account has limitations – you can resolve this now” and then:
You may have noticed that some limitations have been placed on your PayPal account. This is part of our security process and helps ensure that we continue to be a safer way to buy and sell. Often all that’s needed is a bit more information about you.
We know this can be frustrating but our aim is purely to protect you and your account. The sooner you provide the information we need, the sooner we can resolve the situation. We aim to review your account within 48 hours.
There is then a button to click to “Remove Limitation”.
The “Remove Limitation” but using a Google short URL to link to the destination: goo.gl/NZco0T
This seems unusual – why would Paypal do that? The link redirects to a website that looks like Paypal, but is on the domain s24sms.com
Here a screen shots of the email and the destination:
Maybe coicidence, but I am in the process of selling a car on ebay. Could this be connected? Was I targeted?
Or, it could be Paypal! At the moment I am not entirely sure, but am certainly going to err on the side of caution and not sign in to that page.
Tip: if in doubt go direct to Paypal.co.uk and sign in, and check your account for messages.
Hopefully Paypal will resolve this for us and confirm whether or not it is their website.
Update: I just looked at the s24sms home page – does not look like Paypal at all, in fact, it has the default Joomla! logo on it.