7 Common PayPal Scams and How to Avoid Them
Imagine you’ve just received an email reporting a problem with your PayPal account. The warning is serious and looks quite urgent. All they ask you to do is click on the provided link, and the problem is solved. Right?
In fact, that’s where the real problems start. You’ve just been caught by a PayPal scam, which is sadly becoming very common these days. Malicious actors apply various techniques and social engineering tricks to get users caught in their phishing nets.
But don’t worry, you’ve come to the right place for help! Read on to learn how to recognize the most typical PayPal email scams and avoid them.
What is a PayPal scam?
A PayPal scam is a phishing email or fake notification striving to trick PayPal users into revealing their personal information. Most often, scammers attempt to get people’s credentials and payment details. For this purpose, they use social engineering techniques to deceive users, pretending to be a legitimate service.
Wondering why PayPal has become a common target for scammers? Well, there are several main reasons for this. First of all, PayPal is one of the most popular payment services, with over 300 million active users worldwide, carrying out billions of transactions every year. And, of course, all those people link their PayPal to their credit cards and bank accounts. Unsurprisingly, malicious actors are looking for more and more resourceful tactics to confuse users and steal their money or private data.
Secondly, PayPal normally communicates with users via email. This allows scammers to send fake messages posing as official notifications or urgent alerts. But how can they mislead you exactly? And what happens next? Let’s find out.
How PayPal scams work
As mentioned above, most PayPal phishing scams are illegitimate emails that contain malicious links redirecting you to fake or infected websites. Once you click on such a link, hackers will be able to compromise your private data, steal your credit card information, or get unauthorized access to your PayPal account. To achieve this purpose, scammers turn to various tricks and schemes. Here are the most typical signs of a PayPal phishing scam.
- It wants to look credible. An advanced PayPal service scam is a fake in a trustworthy-looking wrapper. It will do everything possible to stay unexposed, from providing the service’s logo to the “friendly name” of the sender.
- It seems urgent. Phishing emails encourage you to act immediately without hesitation. This is done to make you feel worried or scared and create a false sense of emergency.
- It plays on emotion. Social engineering techniques strive to manipulate your feelings and exploit human emotions, from fear and panic to carelessness and even greed.
Although all PayPal scams have a common purpose, they vary in their forms and approaches to deceiving users. Let’s consider the most common ones.
The most common email scams on PayPal
Let’s take a closer look at the most typical PayPal frauds and some helpful tips on avoiding them.
1. “You’ve got a problem with your account”
This is probably the most typical social engineering trick that targets your desire to fix the problem as soon as possible. Scammers try to persuade you that you have an issue with your PayPal account. They encourage you to click on a link that will “save the day” or at least allow you to check what’s going on. In fact, the link will likely take you to a fake PayPal website. As a result, hackers will get a chance to steal your credentials.
In the phishing email below, a user is notified that their account is experiencing suspicious activity and is urged to check it as soon as possible.
How to avoid it?
- Do not click on the link, and do not respond to the email
- Open the official PayPal website and check your account
- Forward the email to [email protected] and [email protected]
2. A small fee for a large reward
Send $2 and receive $200. Sounds tempting? Well, that is another trap prepared by scammers for PayPal users. They offer you a large amount of money simply waiting to appear in your account. In return, you should send a relatively small sum in advance to cover the “transaction fee.” And guess what? That’s right, once you do it, the scammer will instantly disappear with your money.
How to avoid it?
- Do not send any payments
- Check who’s the sender
- Do not respond to the email
3. Fake charity invoice
Charity is a worthy cause, if it’s not fake, of course. In that case, it’s just another type of scam. Bad people often play with emotions like kindness and compassion to trick users into thoughtless donations. For example, the email below pretends to be sent to support the California Wildfires Relief foundation. However, a simple check will reveal that the mentioned charity organization is fake.
How to avoid it?
- Carefully check if the charity is valid
- Verify whether the organization has a trustworthy website
4. A link to an illegitimate PayPal website
As mentioned previously, most phishing emails provide malicious links leading to phishing websites. Such notifications often put pressure on the recipients, trying to scare or confuse them. And a “There is a problem with your account” alert is just the tip of the iceberg.
For instance, the email below claims that an unauthorized $600 purchase was made from a user’s account. It invites the recipient to click on a link to recover the stolen funds. But in fact, the link itself is intended to compromise your security.
How to avoid it?
- Do not click on suspicious links
- Check the sender’s email address
- Enter your PayPal account from your browser
- Report fraud to [email protected] and [email protected]
5. PayPal overpayment scam
Imagine someone pays you more than the purchased service or item actually costs. Then, they tell you the overpayment was an accident and ask you to return the excess funds, but not through PayPal. Wouldn’t an honest person agree to help? Not if they want to avoid falling victim to fraud. Once you send your funds, the scammer will cancel the whole deal on PayPal and keep the transferred money.
How to avoid it?
- Check the recipient’s email address
- Do not agree to send extra funds outside of PayPal
6. “Friendly name” of the sender
Most typical PayPal payment scams have one significant flaw. The sender’s name usually doesn’t match the legitimate one. So it won’t be difficult for an attentive user to notice the inconsistency and spot a fake. However, advanced scammers adopt the “friendly name” technique to become nearly undetectable. It makes the email sender’s name look trustworthy, while the actual address may be far from official. To check it, you can hover over the friendly name and see who’s the real sender. But note that sometimes, even this won’t help you reveal clever deceit, as the entire name may be falsified.
How to avoid it?
- Hover the mouse over the sender’s name to see the actual address
- If everything looks legitimate, look for additional clues
7. A too-good-to-be-true notification
People often swallow the phishing bait if it offers easy money, an unexpected reward, or an appealing offer. However, keep in mind that a too-good-to-be-true deal is probably a lure. Scammers use such tricks to attract users and make them click on a bogus link or download a file infected with malware. The same techniques can be applied via fake PayPal emails. So if a sudden $500 reward “is waiting for you,” don’t buy into it. Most likely, it’s another attempt to deceive you.
How to avoid it?
- Don’t click on the provided links
- Don’t download any files
- Report the scam to [email protected] and [email protected]
How to protect yourself against scams on PayPal?
Regardless of how tricky and clever the type of scam you’ve faced is, there is always a way out. Let’s learn several best practices for safeguarding yourself against PayPal fraud.
Check the sender’s email
An official PayPal email only comes from paypal.com. Anything else, like paypalservice.com, paypalsupport.com, and so on, is illegitimate. Moreover, scammers may use the above-mentioned friendly name trick. So even if the email appears to come from paypal.com, hover over the sender’s name and check the actual address. Something like [email protected] cannot be official.
However, remember that advanced scammers may fake both the name and the address. So make sure to check the email for other warning signs as well.
Pay attention to the greeting
Users often skip the greeting as a standard and unimportant part of an email. However, it can tell you a lot about the message’s authenticity. Legitimate PayPal emails should mention your full name at the beginning. A “Dear customer” or “Dear PayPal user” greeting is a typical red flag.
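The sender and greeting checks described above can be automated on a saved message. The following is an added example, not code from the original article or from PayPal: the function names, the sample messages and the choice to accept subdomains of paypal.com are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

OFFICIAL_DOMAIN = "paypal.com"  # the only sending domain the article treats as official
GENERIC_GREETINGS = ("dear customer", "dear paypal user")  # greetings the article names


def sender_domain(from_header):
    """Return (display name, lower-cased domain) parsed from a From header."""
    name, addr = parseaddr(from_header)
    return name, addr.rpartition("@")[2].lower().rstrip(".")


def is_official(domain):
    # Assumption: subdomains of paypal.com are accepted as official too.
    # Suffix matching on ".paypal.com" rejects paypal.com.example.net.
    return domain == OFFICIAL_DOMAIN or domain.endswith("." + OFFICIAL_DOMAIN)


def red_flags(raw_message):
    """List the article's sender and greeting red flags for one raw message."""
    msg = message_from_string(raw_message)
    name, domain = sender_domain(msg.get("From", ""))
    flags = []
    if not is_official(domain):
        if "paypal" in name.lower():
            flags.append("friendly-name mismatch")  # trusted name, foreign address
        if "paypal" in domain:
            flags.append("lookalike domain")  # e.g. paypalservice.com
    body = "" if msg.is_multipart() else msg.get_payload()
    if body.lstrip().lower().startswith(GENERIC_GREETINGS):
        flags.append("generic greeting")
    return flags


# Constructed sample messages (not real mail).
SAMPLE_SPOOFED = (
    'From: "PayPal Support" <alerts@paypalservice.com>\n'
    "Subject: Unusual activity\n\n"
    "Dear customer,\nplease confirm your account.\n"
)
SAMPLE_CLEAN = (
    'From: "PayPal" <service@paypal.com>\n'
    "Subject: Receipt\n\n"
    "Hello Jane Doe,\nhere is your receipt.\n"
)

if __name__ == "__main__":
    print(red_flags(SAMPLE_SPOOFED))
    print(red_flags(SAMPLE_CLEAN))
```

An empty result only means these header and greeting checks passed. Since the address itself can be forged, the other warning signs still apply.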
Ignore emails asking for sensitive information
PayPal never asks for your confidential information, and neither do verified users of the service. So it’s better not to respond to messages with suspicious requests. In particular, never reveal your credit card number, ID card, password, or other credentials. If you have doubts about the received email, you can always log in to your PayPal account and contact the official support service.
Watch out for spelling and grammar errors
One of the most common signs of phishing emails is writing mistakes. That’s why no matter how urgent the subject of the email is, be sure to read it carefully and pay attention to details. Any spelling or grammatical error is a red flag since official PayPal emails are normally mistake-free.
Do not click on suspicious links
Beware of any links provided in suspicious or unverified messages that may turn out to be PayPal scams. First, check all information about the sender and visit your PayPal account or contact the PayPal support team. It’s always better to enter the official website address in your browser if you’re unsure whether the link in your email is safe.
Do not download any files
Attached files may also pose a threat to your cybersecurity. Do not install anything potentially illegitimate, since those files may be infected with malware designed to compromise your device. Moreover, keep in mind that the real PayPal never asks users to download and install anything from an email.
Adopting a virtual private network (VPN) is an excellent way to avoid various cyber threats, including PayPal scams, phishing emails, malicious websites, and more. Many people primarily associate VPNs with online privacy since such tools allow users to spoof their IPs and encrypt their browsing traffic. However, a VPN service is also a powerful security solution. It involves multiple handy features enabling users to avoid dangerous links, sites, pop-ups, and other threats.
How to report a PayPal scam?
Once you get a suspicious email or message, do not neglect it. Instead, it’s best to report the potential threat by taking the steps described below.
1. Check your PayPal account
Instead of clicking on any links provided in the email or downloading suspicious files, head directly to the official PayPal website. If something is actually happening to your PayPal account, you can find out in the Message Center.
2. Report a problem
You can report a suspicious PayPal email or any other potential scam to the PayPal Resolution Center. Alternatively, you can forward the email to [email protected] and [email protected]. After that, it’s best to delete the illegitimate message.
3. Change your password
If you think you’ve just been scammed on PayPal, do not panic. Go to the official website, enter your PayPal account and change your password as soon as possible. It’s worth creating a strong and secure password, especially for services directly related to storing and transferring your funds.
Enhance your cybersecurity with VeePN
Looking for a credible VPN service to protect yourself from PayPal account scams and other online dangers? Check out VeePN. It’s a powerful and feature-rich solution that will take your privacy and cybersecurity to the next level. In particular, VeePN’s NetGuard feature will help you stay away from malicious links, avoid phishing websites, and get rid of intrusive ads and pop-ups. Try VeePN now with a 100% money-back guarantee for the pricing plan that suits you best.
How to detect phishing scams?
Advanced phishing scams can be quite challenging to spot. Here are the most common red flags that may indicate potential fraud:
- Generic greeting (“Dear customer!” or “Dear PayPal user!”)
- Illegitimate sender’s email address
- Sense of urgency
- Suspicious links or attachments
- Grammar or spelling mistakes
- Too-good-to-be-true offers
- Requests for confidential information
How do you know if a PayPal email is real?
Genuine PayPal emails are sent only from paypal.com. No other address is legitimate. Also, real PayPal notifications come both to your mailbox and PayPal Message Center. So you can enter your PayPal account and check if you’ve received the same message there. Finally, PayPal never asks users to reveal personal information or download any files via email.
Will PayPal refund money if scammed?
If you were scammed on PayPal, you have 180 days to report fraud. If you do, PayPal guarantees a full refund. Also, if the purchased item differs from the one you ordered, or you didn’t receive any at all, you can turn to PayPal Purchase Protection and get a full refund, including the shipping costs.