JulesCDC

My sister was the victim of a very sophisticated hack/phishing scam in her PayPal account. She logged in to do something and had a notification (under the little notification bell) that said there had been some suspicious activity on her account, so it was locked. It guided her to check her email for a verification email and follow the link in it. She does just that and upon clicking the link, it has her login again and answer a serious of identity questions including to verify her SSN and address, etc etc. That still doesn’t unlock so she gets PP support involved and apparently the entire notification, email, verify info was a phishing scam as well as she had 2 unauthorized transactions on her PP account.
PP is taking care of those fraudulent transactions (this is all equally as frustrating as she uses the PP Cash feature) of course, but the data phishing is still a big concern.

I’ve advised her to 1. Remove all connected bank or credit accounts from her PP. 2. Get a Credit Karma account and use their guide to lock her credit on all 3 bureaus. 3. Get an identity monitoring service outside of Credit Karma (and demand PP pay for 3 years of premium enrollment) and 4. PP advised her to file with the FTC

My first question is which monitoring service would you recommend? Secondly, what else should/could she be doing to protect herself from blowback of her SSN and all sorts of info out there in the world? And finally could this have been any sort of local hack and she needs to upgrade her network security (I set it up to be pretty solid with a strong password but it’s not like she is monitoring attempts or anything on it)?

First thank you so much for the fast reply. This happened just this morning so the panic is good and fresh.
No banking info was confirmed or shared during the phishing questions thankfully. And she had a debit card linked to the PP account that I’ve advised her to unlink.

I’ve honestly never seen such a sophisticated phish. I work in point of sale, am QIR certified and working on my ETA CPP and speak fluent credit card security and this was unreal to hear the process originated from her actual PP notifications. I’m am so shook that unlinked my own accounts in my own PP.