PayPal is aware of the cyberattack impacting Optus and we have not detected any impact on our systems.
Your security is a top priority for us: our security teams are monitoring the situation, and PayPal security controls are in place to help protect your account from unauthorised access.
If you are an individual affected by the Optus data breach, we encourage you to be vigilant. More information on how to limit the impact of the breach can be found through these reputable sources: The Australian Cyber Security Centre (ACSC), Moneysmart, or Office of the Australian Information Commissioner
If you believe you’ve received a phishing email or SMS that appears to have come from PayPal, don’t respond and don’t click on any links or open any attachments. Simply forward the entire email to firstname.lastname@example.org and delete it.
As online scams are getting more sophisticated and may take advantage of breached data, here are some steps you can take to protect yourself online:
- How to identify a phishing email:
- Generic email greetings that do not address you by name
- URLs that look deceptive and inauthentic to PayPal
- Wrong, out of date or out of place logos, design, and font type
- How to spot a fake email:
- False sense of urgency
- Attachments – A real email from PayPal will rarely include an attachment and never software
- If you aren’t sure if an account alert is from us, log in to your PayPal account and check for urgent messages or related notifications
- How to identify scams:
- The promise of money in return for a favour
- Notifications of lottery wins
- Unsolicited job offers
- Unexpected invoices
- Communicate with PayPal the safe way. Always log in at PayPal.com.au to update your personal information.
- Consider adding an extra layer of security to your PayPal account by enabling two-factor authentication for login. In addition to your password, once this feature is activated, you’ll enter another code to access your account. See here for more information.