Skip to main content

How to secure PayPal

How to secure PayPal
By- Aarti Jatan
Your online finances need proper protection. Learn how to secure your PayPal account.

With hundreds of millions of users around the world, PayPal has long been an international leader in the electronic payments industry. But as we know, money never fails to attract fraud, especially now, with as much of life as possible taking place online. Here is what you need to do to stay safe when sending or receiving money through PayPal.

How secure is PayPal?

As a matter of fact, PayPal is quite a reliable platform that maintains a high level of security — and keeps improving it. Thus, the company has an official program deploying white hat hackers to unearth vulnerabilities (the so-called bug bounty), under which it has already paid out almost $4 million since 2018. The program also covers several other services owned by PayPal, such as Venmo.

PayPal also treats its users’ data responsibly: It did have one reliably reported leak, in 2017, but the leak involved the infrastructure of a company PayPal was acquiring at the time. And all payments within PayPal are based on e-mail addresses, so users never have to share their bank details with vendors.

Technology aside, we cannot ignore the human factor. Even though PayPal does a lot to secure its users’ transactions, users themselves sometimes make mistakes that cost them real money. To avoid their fate, follow these simple rules.

Protecting your PayPal account

Protection against hacking in PayPal

First, make sure your PayPal account has a reliable password. Reliable means long, unique, and hard to guess. If you use a weak password, or use the same password for lots of accounts, then your PayPal account will be vulnerable to brute-force attacks or credential stuffing. Crafting a good password isn’t hard — here’s how — although managing a bunch can get unwieldy. Regardless, you may find refuge in our password manager. It will do both: generate reliable passwords and safely store them.

With finances at stake, it pays to be on the safe side. Do not fail to activate two-factor authentication. With PayPal, you can receive one-time codes in text messages or generate them in an application — whichever authentication app suits you best. The app-based option is generally considered more reliable, but any second factor is better than none at all, so if you strongly dislike using an authentication app, at least use one-time codes delivered by SMS.

Think twice about your secret questions and answers, too. Your grandmother’s maiden name or your first school probably isn’t hard to learn from your social network accounts; questions like that offer feeble protection. You can be more clever than that. For example, instead of using the name of your old school, fill in the answer of one of your relatives or friends — just don’t forget what the right answer should be. For safety reasons, we recommend using Kaspersky Password Manager for that as well; it also stores encrypted notes, not just passwords.

In addition to ramping up authentication, make sure you have notifications set up so they work right for you. Enabling mobile push messages about outgoing payments will probably be the most useful measure in terms of security. That way, if someone breaks in to your account and begins spending your money, you’ll be sure to learn about it, and put a stop to it, right away.

A somewhat less-intuitive addendum: Even though you’re receiving notifications, you should perform a manual check of your account and transaction history from time to time. If you find PayPal reporting transactions you clearly didn’t make, change your password and security questions and contact PayPal’s support immediately.

Vulnerability protection in PayPal apps

Software is written by people, and people make errors, and errors become vulnerabilities that cybercriminals can exploit. As we mentioned above, PayPal spends big money to search out such vulnerabilities — and probably even bigger bucks to purge them from its products and systems.

But for the resources that PayPal continuously invests in your protection to work, you will have to put in a small amount of effort. Namely, never skip smartphone app updates. (Desktop users have to use the Web version of PayPal, so if you use that, you have another reason never to skip browser and OS updates.) Install all updates as soon as they come out.

Do not forget to run antivirus scans on the devices you use for PayPal — your PC and your smartphone. When your money is at risk, no precaution is too small.

Cyberattack protection in PayPal

Always remember that public Wi-Fi is bad (meaning unsafe). Never use it for financial transactions without ensuring you have a secure connection. If you are pressed to complete a transaction while using free Wi-Fi at a café or airport, first establish a secure VPN connection and only then open your PayPal app.

Use caution with incoming e-mails that seem to come from PayPal; they may pose a phishing threat. PayPal has long occupied a place at the top of the list of brands most targeted by fake e-mail scams — and why wouldn’t it? Fraudsters follow money, remember? Use standard observation techniques to detect phishing: Carefully check the sender’s address and any links in the message.

Better yet, do not click any links at all. Instead, enter PayPal’s address in your browser, log in, and check whether you have any notifications in your account. If you have none, the letter is very likely fake.

And, most important, never enter your PayPal account credentials if you have even a shadow of a doubt about the legitimacy of the letter or website you find yourself dealing with.

Some recommend using PayPal from a browser or even separate device used solely for that purpose. We think that’s a bit much. Instead, use the Safe Money feature in Kaspersky Internet Security to ensure your money will never be stolen when making a payment.



Comments

Popular posts from this blog

Student surprise: Malware masked as textbooks and essays

Student surprise: Malware masked as textbooks and essays By- Kaspersky Malware can masquerade not only as games and TV shows, but also as educational materials. We help you understand what this malware is and how to avoid being infected. It is far too easy to pick up nasty stuff when you try to download   popular TV shows   or   game cheats . However, cybercriminals do not limit themselves to tainting entertainment; you can also stumble upon a virus when looking for work- or study-related materials. This is particularly important to keep in mind as the academic year starts, because the cost of textbooks and other materials for K–12 and college students often leads to many looking for more affordable and free alternatives online. Download an essay, get some malware thrown in Wanting to find out how frequently malicious content is encountered among materials that are posted for free access, we checked how many infections Kaspersky solutions identified in files with school- and student-re

Five regular checks for SMBs

Five regular checks for SMBs By- Aarti Jatan Five things that, if neglected, can cost SMBs dearly. It is not always economically viable for small and medium-size businesses to maintain a dedicated IT security team, so it often happens that one person is in charge of monitoring the entire infrastructure. Sometimes he or she is not even a permanent, full-time employee. Sure, a good administrator can do a lot, but even a pro might miss something, particularly if issues are mounting and time is short. So, it’s worth establishing a few habits. Here are our Top 5 regular checks. Renew the corporate site security certificate Any website that requests or processes user data must have an SSL certificate. It protects information entered by visitors from being intercepted, and almost all modern browsers  warn  users that sites without an SSL certificate are insecure. That can scare off potential customers. Your website most likely has an SSL certificate, but its validity period is limited. Depend

10 tips for Zoom security and privacy

10 tips for Zoom security and privacy By- Aarti Jatan Gain full control over your Zoom video conferences, family gatherings, and online bar crawls . With social distancing and quarantine measures implemented around the globe, people quickly started searching for effective means of communicating with each other. With its reported ease of use and attractive pricing, Zoom quickly rose in popularity — and people quickly figured out that Zoom’s developers weren’t fully prepared for the level of scrutiny it would receive. With so much use, Zoom’s flaws came rapidly to light. The company handled the tremendous increase of workload seamlessly and quickly reacted to security researchers’ discoveries. However, just like with each and every service, code updates will not address every complaint, but some issues are very much worth keeping in mind. So, here we offer 10 security and privacy tips for Zoom users. 1. Protect your account A Zoom account is just another account, and in setting yours up,