This week we’ve detected another set of deceptive PayPal-based invoice scams. Like the examples before it (available here and here), these scams are particularly well disguised because they’re sent from a legitimate PayPal email address — but all is not as it seems. Read on to learn more.
MikroTik LLC PayPal Invoice Scam
This scam misuses the brand name of MikroTik, a Latvian network equipment manufacturer. In this scam, and just like all the other examples mentioned in this article, the scammers send would-be victims fake PayPal invoices under the name of the impersonated company. Here’s what the content of this MikroTik LLC PayPal invoice scam looks like:
“Here’s your invoice
Microtik LLC sent you an invoice for $489.00 USD
View and Pay Invoice
Buy now. Pay over time.
Simply select PayPal Credit at checkout and enjoy No Interest if paid in full in 6 months. Subject to credit approval. See terms. US customers only.
Seller note to customer
There is evidence of a third party potentially compromising your PayPal account. This transaction will be reflected on your history after 48 hours. Scammers perform their operations through automated systems. If you have never made this purchase, please contact us as soon as possible through <phone number redacted> for assistance or you’ll not be able to conduct any further business using PayPal. Our operating hours are from 6:00 am to 6:00 pm (Pacific time).”
The invoice is not real. Scammers get ahold of people’s email addresses and send them fake invoices via PayPal to try to scare them into calling the included phone number (redacted above). Once they’ve got a victim scared and on the phone, they will do their best to trick that victim into sharing their personal and/or financial information — which the scammers can use to commit any number of other crimes (in the victim’s name!).
Ravoltek LLC PayPal Invoice Scam
Here’s another example of this scam — this time misusing the name of a different company: Ravoltek LLC.
As you can see, the content of the message is the same as the first example, but note one thing: the generic greeting at the top of the message — “Hello, PayPal Client.” PayPal will never send you an email with a generic greeting. It will always be your first and last name or, in the case of business accounts, the business name.
Coinbase PayPal Invoice Scam
In this final example, the scammers are impersonating Coinbase, the cryptocurrency exchange platform.
Although the message content is different, the tactics are the same: to get people to dial the phone number included in the email (obscured above) and trick them into sharing their personal data. Watch out!
How Did the Scammers Get My Email Address?
If you’re wondering how the scammers were even able to get your email address in the first place, you’re not alone. They will most often get it from underground internet forums or the dark web — two places that are hotbeds for stolen/leaked data.
To see if your email address has been compromised, use the tool below.
If you want a way to check if your personal data — email addresses, bank account numbers, Social Security number, passport number, and more — have been leaked online, consider checking out Trend Micro ID Security. The app will scan the internet and the dark web 24/7 for your data so if it’s ever leaked, you’ll know about it! Click the button below to learn more and claim your 30-day free trial today!