Today, Paypal is one of the most popular methods of making a financial transaction on the Internet. Unfortunately, it also remains one of the easiest systems to infiltrate for a hacker.
This is why it’s important for every Paypal user to understand how to keep your Paypal account safe. Knowledge is power – and if you know how they do it, you have the power to stop them.
How Hackers Attempt To Access Your Paypal Account
Yes, it is possible for a criminal to gain access to your Paypal account. However, it’s also important to keep in mind that despite all of the melodramatic news reports you may hear about the terrible threat hackers pose to online security, foiling those criminals is actually very easy, even for people who aren’t technically savvy.
The following are the most common methods criminals use in order to break into your Paypal account.
- When you open an infected attachment inside an email from a friend or a stranger, keylogger software gets installed on your PC that attempts to capture every keystroke from your keyboard, and then it sends that data to a remote Internet location, where the hacker can parse through and extract your passwords.
- If they obtain your Paypal account password from the keylogger, the job is done. However, if they can only obtain your email password, they can go to the Paypal website, request a password reset, and then access your email in order to retrieve the new password to your Paypal account.
- Another more common tactic is to send out thousands of “phishing” emails, disguised to look like an official Paypal email. You click the link to the fake Paypal website, enter your email and password, and the game is over.
How to Keep Your Paypal Account Safe From Phishing
The phishing technique is the most popular because the authentic-looking email fools so many people. Here is a sample of one such email (I get about 2 or 3 of these a month).
However, if the email was put together by a sloppy hacker, you’ll notice that with most email applications, if you place the mouse over the link (but don’t click on it!), you’ll see the actual link at the bottom.
As you can see, “orionresidence.com” isn’t exactly Paypal.com. However, even if this bottom link does report “Paypal.com,” the easiest method you can use to keep your paypal account safe is by never clicking any link inside a Paypal email. If you want to check your account, open a new browser window, go directly to Paypal, and log in.
While avoiding “phishy” Paypal emails will protect you from the bulk of problems, there’s still the matter of hard-core hackers. These are the ones who are a bit more savvy, and will look for ways to guess your password, search your computer for login information, or install keyboard logging software on your PC. There are ways to thwart all of those attempts as well.
How to Keep Your Paypal Account Safe with a Strong Password
First, sign up for a new free email account and use that email for your Paypal profile, but don’t use it for any other purpose. Most hackers like to scour likely social networks or websites, like eBay, for email addresses that are likely also used in Paypal accounts, and then target those email addresses with their phishing or virus email campaigns. Also, change your Paypal password and the password of your email account, to a difficult-to-guess password that includes upper and lower case letters, numbers, and at least one or two special characters like an exclamation point or the pound (#) sign.
If you need some tips for creating solid passwords MakeUseof author Damien Oh had an excellent article about it earlier, see Create Strong Passwords That You Can Remember Easily .
For even stronger Paypal security, consider using a security key. When you’re logged into your Paypal account, click on “Security Center” at the top, “Security Tools” on the left menu bar, and then “Paypal Security Overview.” You’ll see the following screen.
When you click “Get Yours Now,” you can choose between a hardware key, or a mobile key. The hardware key costs $5 for shipping & handling, but it features a digital code that changes every thirty seconds. You can’t log into the Paypal account without it, and it’s virtually unhackable. The mobile key method is free. After you enable your account for it, you simply text Paypal for the code, and they text message the security key back to you.
Keep Your Private Data Safe With Portable Apps
Another method you can use to safeguard your Paypal account is to always carry around a thumbdrive with a portable web browser installed that runs directly off the thumbdrive. You can view more details on how to install portable apps from this article . Below I’ve connected to Paypal using the portable version of Firefox running off my Cruzer thumbdrive.
By using this approach, all log files and history is stored on your thumbdrive, and not on the PC itself. This not only protects you from scripts that search typical PC locations for Internet logs, but it also provides security from the next person who uses the computer inadvertently coming across your information.
Use Anti-Keylogger Software for Extra Security
Finally, to protect yourself from keyboard logging software that may have infected your computer without your knowledge, it’s best to play it safe and install applications like the SnoopFree privacy shield, described in this article , which prevents the keylogger from accessing the I/O data coming from your keyboard. Another approach to circumvent the keyboard completely is by using a portable on-screen keyboard to log into your Paypal account, as I’m doing below.
If you are confident that your computer is completely clean of any trojan or keylogger, simply avoiding Paypal phishing emails and using strong passwords with the Paypal security key will provide more than enough protection to keep your Paypal account safe.
However, if you aren’t certain how clean your computer is, or you’d like to access Paypal from public PC’s, it’s always best to play it safe by also using a portable browser, a privacy shield, and an on-screen keyboard.
With all of those tools in your arsenal, the only way a hacker will get through your concrete wall of security is with an atomic bomb.