Plausible PayPal phishing… with no evidence credentials were stolen
Yesterday my housemate was almost scammed by someone on the internet, or so I thought. She was selling some goods on an eBay-like website, and someone contacted her to buy her stuff. She then received a false email from "PayPal" telling her she had received a certain amount of cash (which was not exactly the one she asked for, thus she thought something was wrong) from that person.
By mistake, she clicked a link in the mail, allegedly linking to a PayPal payment reference. She said she was not prompted for anything and nothing was downloaded, and she exited the opened webpage immediately.
Later that day, she realized her PayPal credentials were not valid anymore, and when she tried to change them by requesting new ones, the codes she got on her phone by SMS were not working at all. She had to contact PayPal support directly for help, and now her credentials work once more. She thinks nothing was stolen from her account in the meantime.
Could the two events possibly be linked? Could it be that by a simple phishing attempt an attacker managed to retrieve her credentials even though she was not prompted with a false PayPal login page? If yes, how?