I've seen other Q&A on this topic, but I haven't seen a specific answer for this:
If I receive an unexpected Two-Factor Authentication (2FA) Code (from PayPal) on my phone (that is, one that I didn't trigger by trying to login to PayPal), does that mean that someone has correctly entered my PayPal UserId *AND*, more importantly, my Password, into a PayPal Login Screen?
I just started getting these 2FA Codes, so I changed my password, but the next day I got another 2FA Code, and I highly doubt that anyone guessed my new password.
I'm confused as to what is going on.
Labels: Fraud & Phishing

Hello @DanD123,
Welcome! Thanks for joining PayPal's Community Forum. I'm sorry to hear it sounds like someone is trying to gain access to your PayPal account. It doesn't sound like someone knows your password, but they potentially know you have a PayPal account attached to your email address and are trying to gain access. Since it's still going on, you may want to try changing your email address on your account. If you add a new one and remove the old one, the notifications should stop.
My apologies for any inconvenience this may cause,
- Jon K
Hi Jon. Thanks for your quick and helpful reply. I'm still a bit confused.
Isn't the Normal Login Sequence for the Real User as follows?:
1. At the Login Screen, the Real User enters their Username/Id and their Correct Password.
2. PayPal sends a 2FA Code to the Real User's phone.
3. PayPal prompts the Real User to enter the 2FA Code at the Login Screen.
4. PayPal gives the Real User access to their account.
If that's correct, then the Attempted Hacking Login Sequence, for a Hacker would be as follows:
1. At the Login Screen, the Hacker enters the Real User's Username/Id and an Incorrect Password.
2. PayPal sends a 2FA Code to the Real User's phone.
3. PayPal prompts the Hacker to enter the 2FA Code at the Login Screen, but the Hacker doesn't know the 2FA Code (since they don't have the Real User's phone), so they can't enter it. Or they can guess at a 2FA Code, but they will most probably get it wrong (that's the point of the 2FA).
4. PayPal does not give the Hacker access to the Real User's account.
If that's correct, then why would the Hacker ever get to Step 2? That is, why would PayPal send a 2FA Code to the Real User's phone if the Hacker entered an Incorrect Password?
2FA = Two-Factor Authentication
Thanks,
Dan

Hi @DanD123,
Thank you for your reply.
I think you're correct that step 2 would not normally happen if someone was logging in with an incorrect password. However, it's also conceivably possible that a fraudster is attempting password recovery, causing a code to be sent as one of a few parts of the authentication and verification. In this case, you may want to change the password on your email account, to be extra safe in case a fraudster has access to it and is counting on the ability to receive a password recovery email. Remember to choose a strong and unique password, different from any other one that you use, most especially different from your PayPal account's password.
One other thing that wasn't mentioned - if you're using accounting software that you have given access to your PayPal account to pull data, it may be running into the authentication challenge.
I hope this helps!
Olivia
Hello @PayPal_Olivia,
You pointed out that the reason I might be getting the unexpected 2FA Code is that the Fraudster may be trying to do a Password Reset on my PayPal account, and that makes sense! It's easy for them to get my email address, and they could just assume/guess that I may have a PayPal account, but the only way for the 2FA Code to be any use to them would be for them to have access to my email account, as you mentioned. And, again, as you mentioned, they may have good reason to think that they might be able to get into my email account (e.g., they have my current, or old, password). I hadn't thought of this possibility, so this is very helpful, and I think I'm going to go change my email password!!!
Thanks for your help!
Dan

Hi @DanD123,
Thanks for letting me know that information was helpful for you. 🙂 I'm super glad I could help!
Olivia
