PayPal Login: security information
PayPal is a widely used financial service that allows people from all over the world to transfer money to other PayPal users or companies by simply specifying an email address the money should be transferred to.
It has become even more popular in recent years with the eBay tie-in which practically made PayPal the preferred payment method for many eBay users.
Note: eBay and PayPal parted ways recently, but PayPal is still the dominant payment option on the market place.
A financial service that popular is a priority target for worms, phishing attacks, trojans and other kinds of attacks that try to steal PayPal login information; if successful, attackers may transfer the money of the account to another account, and even draw more funds from linked bank accounts or credit cards.
- If you want to visit PayPal, always visit https://www.paypal.com/ directly and don't click on links to get there. Also, make sure the same url is listed in the address bar before you enter any data on the site.
- Make sure you check the address before you enter any information.
- A security key or authenticator app / SMS improves the security of your account significantly.
- You may add your mobile phone number to your PayPal account to add a secondary authentication step to the login process. A SMS is sent to the phone on request whenever you sign in to your PayPal account.
PayPal began to sell a PayPal Security Key recently to protect PayPal users from phishing attacks. Once set up, it adds another layer of protection to the account as users not only have to sign in using their email address and password but also a random code that the device generates every 30 seconds.
Attackers who get their hands on PayPal login information, that is the email and password, cannot access the account without the additional code and for that they need access to the device or smartphone that generates it or receives it.
It is not a 100% perfect solution as attackers are still able to circumvent the security key if they have additional information related to the PayPal user's account. It still is a viable protection in most cases.
The company offers other options, such as sending codes via SMS to user smartphones or using authenticator apps to generate 2-step login codes.
PayPal has a security center that informs and educates users about security risks, and especially on how to reduce the attack surface and prevent attacks.
Probably the best way of fighting most attacks and all phishing attacks is to always open the PayPal website directly instead of clicking on links that are supposed to lead there.
Another method is to use a password manager to store the PayPal login information. Many password managers, such as Last Pass, can fill out the login form and log in the user automatically in configured accounts. This can be a very effective method of detecting fake websites as the password manager will not fill out the login information automatically on these websites.
A closer look at PayPal login issues and solutions
While PayPal should work just fine for the majority of users, there are some that experience issues when they try to load the website or sign in to their account on the site.
1. Lost your password or cannot remember it
If you have troubles signing in because the password you enter is not accepted, you can click on the forgot link in the password field to initiate a process to create and use a new password on PayPal instead.
A click on the following link loads the "can't log in" page on PayPal that you can use to get a new password: https://www.paypal.com/authflow/password-recovery/?from=PayPal
You can use the same form to recover the email address that is used on PayPal.
2. A blank page is displayed or PayPal is not loading completely
This can have several causes. The easiest solution to resolve it is to hit Ctrl-F5 in the browser while the page is active. This forces a reload and many times, will display the page so that you can log in.
There is always a chance that this won't work however. It is possible that the issue is on PayPal's side and that you cannot do anything but wait for it to be resolved.
If you don't have to make a transaction immediately, it is usually a good idea to wait an hour or even longer and try again afterwards.
3. Your PayPal account is locked
Security systems may lock accounts automatically if too many login attempts are noticed. Locking may also happen if the account has had a "negative balance for an extended period of time", or when PayPal looks the account manually, e.g. when it notices a successful hacking attempt.
PayPal asks customers whose accounts are locked to call the company. Customers need to be able to provide the account email address and the customer service pin.
The service pin is a six digit number that you need to set up under Settings > Security > Customer Service Pin.
4. Your account was hacked
Probably the worst thing that can happen, especially if you have money sitting in the account or linked bank accounts or credit cards to PayPal which are used automatically for money transfers and purchases.
You need to contact PayPal immediately if you notice or suspect that your account was hacked.Advertisement