You don't need to be an 'investor' to invest in Singletrack: 6 days left: 95% of target - Find out more
Apologies for the dumb question - just checking this one out.
Had a text message from an unknown mobile number saying that my Paypal account has been limited because of a failed payment request and to log in via a helpfully provided link of paypal dot user-security-check dot com.
That, to me, is screaming SCAM.
I can't remember the last time I used Paypal so I logged in directly via the laptop - there are zero transactions, nothing in their resolution centre and a balance of zero (as expected).
Changed password and security questions.
I'm assuming that it was a scam? As I say, it's so rare I use Paypal that I'd just like to double check my gut feeling with the wise and all-knowing forum - possibly including people who use Paypal much more than I do!
Sounds very much like it to me. Think you did the right thing changing your password to be on the safe side, but that sounds like a phishing link to get you to divulge it so you're probably safe. If you really don't use it much, maybe de-link your payment cards and bank accounts until next needed.
Total scam
Correct instinct that it was a scam attempt, and correct procedure to log in by the main URL and not the 'helpful' link - no need to do anything else though, they just wanted you to log in by their page so they could steal your password that way.
paypal dot user-security-check dot com
As a rule of thumb, with any URL it's the bit before and after the final dot which is important, so user-security-check.com in this instance. If it doesn't say paypal.com then it isn't paypal.com irrespective of what it says anywhere else in the link.
If you're still not sure (why?!) then you can look up the domain registration - again, the bit before and after the final dot. Telltale signs of a scam is a) it was recently registered and b) the lease is only for a year. Presence of either of these shibboleths should raise alarm bells.
https://www.whois.com/whois/user-security-check.com
Registered On:2019-07-28
Expires On:2020-07-28QED.
--
[EDIT: just noticed I made a minor oversight here, this is true for .com .org etc. but for non-US geographic domains it's the last two dots. Eg, google.co.uk. Should be obvious hopefully, but...]
Correct instinct that it was a scam attempt, and correct procedure to log in by the main URL and not the ‘helpful’ link – no need to do anything else though, they just wanted you to log in by their page so they could steal your password that way.
Just to add to this,
Even if you're absotively posilutely certain that an email / SMS / Facebook message from Paypal / Amazon / your bank / your sister's hairdresser in Kazakhstan is genuine, if it's not a message you were expecting (eg, you'd just asked for a password reset) then always just log in to the site in question in the usual manner to verify it. You should never click the links in unsolicited messages no matter how genuine they may appear.
Worth knowing that PayPal supports 2FA for sign-in. Unfortunately it's via SMS, which is a bit flimsy but better than nothing.
... and if you can use 2FA, you really really should. Passwords alone are no longer fit for purpose. Though, that's a longer story.
My partner had the exact same message this morning.
She doesn't have a PayPal account....
Had something similar from a bank last week? Different URL but same idea - nameofbank-something.com. link took you to screenshot of real bank page but with popup 'login' box overlayed. It wasnt great but they are getting better
Had one the other week. Logged in via browser, all fine. Deleted text.
SCAM!