PayPal will be split into separate company by middle of next year
A new phishing scam is targeting PayPal users Reuters

A new PayPal phishing campaign has emerged, which redirects users to a site controlled by hackers showing a fake PayPal login page.

Users are being tricked into giving away their PayPal credentials, payment card details, and most significantly a selfie holding their ID card.

Security researchers from PhishMe say hackers are relying on spam emails to drive users towards this PayPal phishing page hosted on a compromised WordPress site from New Zealand.

Once users enter their logins the phisher asks for more details including the user's card details and the picture of their ID card.

Pay Pal was hit by a phishing scam earlier this year when users were tricked into giving their social security numbers.

As for the phishing technique, a similar tactic of uploading a selfie while holding an ID card was seen in October 2016, when McAfee discovered a variant of the Acecard Android banking trojan. It too asked users to upload their selfies when logging into their mobile banking accounts.

How to stay safe

  • Beware of hyperlinks in emails. Generally only emails that are meant to reset your password or confirm an email address need you to click on hyperlinks.
  • Check the domain name in the URL browser correctly before entering any sensitive details. is the correct domain and everything else is likely a fake page.
  • If there is a time countdown not amounting to days but hours or minutes it is likely to be a phishing attempt.
  • Look out for generic greetings like 'Hello, PayPal member'. The company after its last phishing scam has said they only address users by their full names.
  • PayPal generally asks one or two security questions to authenticate and not all your details because it already has them stored.
  • In case you do receive such dodgy e-mails report them to or .com depending on your country, without changing the subject line or forwarding the message as an attachment. After sending it make sure to delete the email.