According to Paypal, fraudulent emails are showing up in users’ inboxes in an attempt to steal user’s information.

The email contains links to what appears to be an official Paypal website. But,  once users visit the website, they are expected to enter their account information immediately in an attempt to access their account.The email looks like an official Paypal email, it even says that it’s confirming that a new email address has been added to the user’s Paypal account, and  if the user didn’t add the new email they should let Paypal know.

According to PayPal’s security experts at spoof@paypal.com, 90% of all emails in the entire world are spam or phishing. “By submitting reports of suspicious email to us you are helping to address this problem,” Paypal stated.

If you recieve a suspicious email, the security team at PayPal recommends that you open a new tab or new window in a web browser and type paypal.com to ensure that a user is on the legitimate website.

“Any time you receive an email about activity to your Paypal account, the safest way to confirm validity is to login directly to the Paypal website and review the relevant section,” Paypal says.

PayPal says that they will never directly ask for personal banking info via email or ask for answers to security questions without displaying the security questions that the user created. They will also never ask a user to ship items or send a money transfer (Western Union and other money transfers are usually a red flag).

Report suspicious emails to the Paypal Security Center or forward them to spoof@paypal.com and the Paypal Security Team will determine the validity of the email and try to deter the fraud.