How to protect against PayPal and Bank account Phishing emails

We noticed unusual activity in your PayPal account

A typical email you may receive from a rogue PayPal or bank email.

Yes it’s pathetic but don’t be caught out.

  • My real name is not shown in the email message
  • The URI “” is not PayPal
  • The “Click here” link goes to a redirect pointing to a rogue PayPal loin page
  • They can’t even be bothered to use the correct PayPal logo


Always delete these emails and don’t click on anything. If you are need to, then go to your PayPal account and login to see if you have any messages – simples!

A security breach caused this.

The “Click here” link goes to a domain “” which appears to no longer being used, this is then redirected to the rogue PayPal login site. It is most likely that an old version of WordPress has been breached to force the redirect, this makes it easy to change the target rouge domain at any time.


As it is difficult to remove ALL the version numbers from the web page using plug-ins please ensure your WordPress website is up-to-date and WordPress is configured to “Auto Update”.

Make sure to delete all unwanted WordPress installations.

If a WordPress security alert is announced then you need to check the version and manually update your site if needed.