How To Keep Your Paypal Account Safe From Hackers

Ryan Dube 09-01-2009

paypal safetyToday, Paypal is one of the most popular methods of making a financial transaction on the Internet. Unfortunately, it also remains one of the easiest systems to infiltrate for a hacker.


This is why it’s important for every Paypal user to understand how to keep your Paypal account safe. Knowledge is power – and if you know how they do it, you have the power to stop them.

How Hackers Attempt To Access Your Paypal Account

Yes, it is possible for a criminal to gain access to your Paypal account. However, it’s also important to keep in mind that despite all of the melodramatic news reports you may hear about the terrible threat hackers pose to online security, foiling those criminals is actually very easy, even for people who aren’t technically savvy.

The following are the most common methods criminals use in order to break into your Paypal account.

  • When you open an infected attachment inside an email from a friend or a stranger, keylogger software gets installed on your PC that attempts to capture every keystroke from your keyboard, and then it sends that data to a remote Internet location, where the hacker can parse through and extract your passwords.
  • If they obtain your Paypal account password from the keylogger, the job is done. However, if they can only obtain your email password, they can go to the Paypal website, request a password reset, and then access your email in order to retrieve the new password to your Paypal account.
  • Another more common tactic is to send out thousands of “phishing” emails, disguised to look like an official Paypal email. You click the link to the fake Paypal website, enter your email and password, and the game is over.

How to Keep Your Paypal Account Safe From Phishing

The phishing technique is the most popular because the authentic-looking email fools so many people.  Here is a sample of one such email (I get about 2 or 3 of these a month).

Paypal security


However, if the email was put together by a sloppy hacker, you’ll notice that with most email applications, if you place the mouse over the link (but don’t click on it!), you’ll see the actual link at the bottom.

paypal security measures

As you can see, “” isn’t exactly However, even if this bottom link does report “,” the easiest method you can use to keep your paypal account safe is by never clicking any link inside a Paypal email. If you want to check your account, open a new browser window, go directly to Paypal, and log in.

While avoiding “phishy” Paypal emails will protect you from the bulk of problems, there’s still the matter of hard-core hackers. These are the ones who are a bit more savvy, and will look for ways to guess your password, search your computer for login information, or install keyboard logging software on your PC. There are ways to thwart all of those attempts as well.


How to Keep Your Paypal Account Safe with a Strong Password

First, sign up for a new free email account and use that email for your Paypal profile, but don’t use it for any other purpose. Most hackers like to scour likely social networks or websites, like eBay, for email addresses that are likely also used in Paypal accounts, and then target those email addresses with their phishing or virus email campaigns. Also, change your Paypal password and the password of your email account, to a difficult-to-guess password that includes upper and lower case letters, numbers, and at least one or two special characters like an exclamation point or the pound (#) sign.

If you need some tips for creating solid passwords MakeUseof author Damien Oh had an excellent article about it earlier, see Create Strong Passwords That You Can Remember Easily How To Create Strong Passwords That You Can Remember Easily Read More .

For even stronger Paypal security, consider using a security key. When you’re logged into your Paypal account, click on “Security Center” at the top, “Security Tools” on the left menu bar, and then “Paypal Security Overview.” You’ll see the following screen.

Paypal Security Key


When you click “Get Yours Now,” you can choose between a hardware key, or a mobile key. The hardware key costs $5 for shipping & handling, but it features a digital code that changes every thirty seconds. You can’t log into the Paypal account without it, and it’s virtually unhackable. The mobile key method is free. After you enable your account for it, you simply text Paypal for the code, and they text message the security key back to you.

Keep Your Private Data Safe With Portable Apps

Another method you can use to safeguard your Paypal account is to always carry around a thumbdrive with a portable web browser installed that runs directly off the thumbdrive. You can view more details on how to install portable apps from this article 4 Ways to Carry your PC on iPod or USB Thumbdrive Read More . Below I’ve connected to Paypal using the portable version of Firefox running off my Cruzer thumbdrive.

paypal safety training

By using this approach, all log files and history is stored on your thumbdrive, and not on the PC itself.  This not only protects you from scripts that search typical PC locations for Internet logs, but it also provides security from the next person who uses the computer inadvertently coming across your information.


Use Anti-Keylogger Software for Extra Security

Finally, to protect yourself from keyboard logging software that may have infected your computer without your knowledge, it’s best to play it safe and install applications like the SnoopFree privacy shield, described in this article 2 Cool Programs to Stay Safe from Hackers Read More , which prevents the keylogger from accessing the I/O data coming from your keyboard.  Another approach to circumvent the keyboard completely is by using a portable on-screen keyboard Toss Broken Keyboard to side with Portable On-Screen Keyboard Read More to log into your Paypal account, as I’m doing below.

Portable Keyboar for paypal protection

If you are confident that your computer is completely clean of any trojan or keylogger, simply avoiding Paypal phishing emails and using strong passwords with the Paypal security key will provide more than enough protection to keep your Paypal account safe.

However, if you aren’t certain how clean your computer is, or you’d like to access Paypal from public PC’s, it’s always best to play it safe by also using a portable browser, a privacy shield, and an on-screen keyboard.

With all of those tools in your arsenal, the only way a hacker will get through your concrete wall of security is with an atomic bomb.

Explore more about: Keylogger, Online Privacy, Password, PayPal, Phishing.

Whatsapp Pinterest

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Ronald delcour
    May 2, 2015 at 11:09 pm

    some tried to get in my count please get back to me on this want to stop pay pla

  2. Navjot Singh
    October 1, 2009 at 2:26 pm

    It seems there is no security key option now. I don't see any such thing now.

    • Anon
      October 14, 2009 at 6:34 pm

      Yes the security key option is still there as I've just ordered one thanks to this blog. SMS is still there too, at least in anyway. £3 each for a key thing.
      I feel bad for people who have had their accounts emptied by these criminals :(

  3. Michael
    September 6, 2009 at 5:46 pm

    I just went to the PayPal site to check the Security Key. It seems to only offer the hardware version now. I have emailed them to ask what happened to the other option.

  4. Mark
    September 1, 2009 at 10:30 pm

    You can tell when an email is from eBay or PayPal because they will always tart the email with your full name, e.g

    Dear Mark Blah,
    someone has tried to reset your password......

    NEVER Dear user or similar.

    Just so you know,
    Hope this helps,

  5. Taqi
    August 31, 2009 at 2:21 pm

    One hacker hacked my paypal account, and transferred all my earning to his account.... Can paypal trace who did this to me, and caught him ?

  6. Harsh @Shoutmeloud
    August 29, 2009 at 3:25 pm

    Hey thanks for Great share.. I usually don't keep much cash into y paypal...
    Probably Scared coz of such hack attempt..

  7. Stephen Cronin
    August 27, 2009 at 7:09 am

    I agree that PayPal phishing is a real problem and some of your tips are good, but people need to be careful about a couple of them:

    First the online keyboard looks good, but as they say on their website:

    While on-screen keyboards offer protection against hardware keyloggers, they do not offer protection against software keyloggers (which are far more common).

    Your more likely to get a some malware (software) than someone sneaking into your house to install a hardware keylogger, so this is of limited use - except in an internet cafe perhaps.

    Second, regarding running a browser on your USB drive: many viruses are spread through USB drives. Unless you're sure the computers you are plugging them into are free of viruses, you may actually transfer a virus to your own computer. Having a separate portable browser is a good idea in itself, but just be careful when using USB drives.

  8. Xgeoph Ray
    August 2, 2009 at 4:28 pm

    I've been using the PayPal Digital Security Key since it was first introduced and it's great. It also secures your eBay from hacking too. This is a great article that I will definitely share to my not-so-techy friends/family.

    • Ryan Dube
      August 4, 2009 at 6:56 am

      Thanks xgeoph Ray - I appreciate your passing along the article! I hope it helps more people protect themselves.

  9. keyword tool
    July 16, 2009 at 9:45 am

    Someone hacked my paypal account 3 months ago. They spent my entire life savings.

  10. president
    July 9, 2009 at 3:03 am

    I have had the security for awhile now. Kind of a pain in the ass to locate sometimes but keeps my account safe for sure!

  11. Alice Gibson
    May 10, 2009 at 4:04 pm

    I recievedan email from allegedly a Pay Pal represent who sted that some attempted to make an unauthorized access to my Pay Pal account. First of all I do not have a Pay Pal account and I want this kind of phoney email to stop.

    Thanks for your assistance.

  12. Ryan Dube
    February 11, 2009 at 6:01 pm

    Hi Kani, sorry to hear about that. Did you click on any email links from a Paypal email and sign in? If not then you might have a keylogger - check out the anti-keylogger software above, run good solid scans on your computer to make sure you're not infected with one of those pests... Good luck!

  13. kani
    February 11, 2009 at 3:20 pm

    some one hacked my paypal id and password without my knowledge transfer 235$ to his accounts i don't know that hacker still in my computer please help me to how i find out?

  14. Dube
    January 10, 2009 at 11:28 am

    Wonderful article! I didn't know about most of these features. I'll be checking into the anti-key logger and some others. It was also a surprise to see that this was written with someone who shares my last name. :) It's not very common!

  15. Mohan
    January 9, 2009 at 11:05 pm

    I did not know about the Paypal security key and the texting option. Another source of phishing scams that target Paypal account holders are PTC sites. Yesterday I signed up with NeoBux and put in my Paypal Email ID. Within minutes I received a Paypal phishing email. May be they are not ethical and they know for sure an email is having Paypal account, so they send out a phishing mail.

  16. geekTips
    January 9, 2009 at 7:54 pm

    Thanks for the tips mate, I'm sure it will help a lot of Paypal users safe from hackers (including me).

  17. T.J. Mininday
    January 9, 2009 at 4:32 pm

    Wow, great article. I knew about the $5 security key, but not about the ability to have PayPal send you a text with the number. Don't you think there are a lot more key loggers out there then you realize.

    Can't something as simple as malware program begin logging your keystrokes?