According to the PGR's Cybercrime Office, the approach from the supposed PayPal "support service" always happens "by phone, in English" and consists of a recorded message mentioning that a PayPal purchase has been made, suggesting to the customer that, "if you wish to request its cancellation, press a key on your phone".

If they do so, the victim "is directed to a supposed PayPal employee", who confirms that "a suspicious purchase has been made", namely of "crypto assets to destinations in Russia or China".

The indication that the victim's computer has been hacked is another narrative identified.

To undo this fictitious transaction, the scammer asks for permission to send an email intended to install a program that, in practice, will allow them to remotely access the victim's computer and, if the victim accesses their PayPal account, capture those credentials and use them to make online purchases.

In some cases, the Cybercrime Office of the Attorney General's Office says in a statement that the PayPal user is convinced that to reverse the suspicious purchase, they will have to pay third parties.

Although the contact numbers appear to be Portuguese, they originate from, among others, countries in Southwest Asia.

This type of fraud is not specifically targeted at Portugal, but rather at victims worldwide. In general, criminals select telephone contacts randomly, hoping that the recipient of the call has a PayPal account," reads the statement issued today.

As a rule, "if the victim realises that they are being targeted by fraud," the scammer "hangs up the phone," and nothing happens.

"It is recommended that responses to telephone communications of this nature be carefully evaluated, never providing personal or credit card information, and not installing any type of 'software' [computer program] indicated by telephone by strangers," recommends the Cybercrime Office of the Attorney General's Office.