Phishing, Security Operations, Email security

PayPal invoice scam uses ‘blue tick’ to deceive users

A PayPal logo is seen outside the company's headquarters

HackRead reports that a sophisticated phishing scam is exploiting PayPal's legitimate invoice system, even appearing with the coveted "blue tick" verification mark in users' inboxes. This attack bypasses traditional email security filters and aims to trick individuals into contacting fraudulent support numbers.

Attackers create fraudulent PayPal business accounts and use the platform's "Money Request" or "Invoice" feature. Because PayPal itself sends the email, it passes authentication checks and earns the Brand Indicators for Message (BIMI) "blue tick." The scam is hidden in the "Note to Customer" section, which falsely claims an unauthorized charge and provides a fake support phone number. The email is often sent to obscure or group addresses to cause confusion. This is a callback phishing attack, where the provided phone number connects to scammers who attempt to gain remote access to computers or trick users into revealing financial information.

This scam highlights a growing trend of attackers leveraging legitimate platforms for malicious purposes. The "blue tick" is no longer a foolproof indicator of legitimacy. Users are advised not to call numbers or click links in suspicious emails, but instead to access PayPal directly through its official website to verify any invoices or requests. Reporting such scams to PayPal is crucial for platform security.

Source: HackRead

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds