Skip to content

Blog

Is this email real? Spotting a PayPal scam before it bites

PRESENTED BY PaperCut Logo
Technology Security Science Business

An email arrives in your inbox, letting you know there was an issue with a recent purchase. If you’re not asking yourself, “Is this email from PayPal real?” and acting accordingly, you could be in for a nasty surprise.

PayPal scams are unfortunately becoming common and more sophisticated, making it difficult to know if the communications you receive are fraudulent or true. Fraud on platforms like PayPal are becoming so prevalent that they are expected to surpass $48 billion in 2023

There are more than 431 million active PayPal accounts worldwide, and since PayPal has links to your bank account, it’s become a prime environment for scams. 

PayPal scams are a type of phishing attack that aims to trick users into providing their banking details or asking for illegitimate money transfers. Often the scammers impersonate a legitimate entity and then send fake emails or texts that look like they are from PayPal. 

There’s different types of cybercrime and the most common ones to keep an eye out for are hoax websites that look like the real thing, phishing emails, and scammers asking you for money. 

Read on to find out how PayPal scams work, examples of scam emails and texts, and important tips on how to protect yourself and stay safe online. Scamming can happen to anyone, and so we’ve also outlined the steps to take if you unfortunately fall victim to a scam. 

How does a PayPal scam work?

A PayPal scam is a type of phishing attack designed to exploit the trust that users place in the popular online payment platform, PayPal. Phishing, in general, involves fraudulent attempts to obtain sensitive information, such as usernames, passwords, credit card details, or money, by impersonating a legitimate entity, like PayPal. 

Scammers initiate these scams by sending deceptive emails or texts that appear to come from PayPal, asking recipients to take specific actions. These actions might include verifying their account, updating personal information, claiming a reward, or paying a fee. However, the aim is to deceive the victim into providing valuable information or making unauthorized financial transactions.

The messages contain links or attachments that can lead to identity theft, account takeover or financial loss. 

Recognizing PayPal Scam Emails and Texts

To protect yourself from falling victim to PayPal scams, it’s crucial to be able to identify them. Here are some common signs that can help you spot a phishing PayPal scam:

  • Generic greetings: Scam emails often begin with impersonal greetings like “Dear Customer” or “Hello User.” Legitimate communications from PayPal will typically address you by your name.
  • Spelling and grammar errors: Scam messages often contain spelling mistakes, grammatical errors, or poorly constructed sentences. These errors are a red flag as reputable organizations generally have professional communication standards.
  • Urgent or pressured language: Scammers use urgency and pressure to manipulate victims. Phrases like “Your account will be suspended” or “You have a limited time to act” are tactics to make you act hastily without thinking.
  • Requests for personal or financial information:  PayPal will never ask you to provide sensitive information, such as passwords, bank details, or credit card numbers, via email or text. Be cautious if you encounter such requests.
  • Suspicious sender addresses, links, or attachments:  Always check the sender’s email address. Be wary of addresses that don’t match PayPal’s official domain (e.g., “@paypal.com.co” or “PayPal-security.net”). Additionally, avoid clicking on links or opening attachments in suspicious messages.

If it sounds too good to be true, it probably is. Some fraudsters trick you into thinking you’ve received a payment or have been overpaid. These manipulation techniques are designed to lure you in with false information and have you take the action they desire so that they can access your sensitive information. 

Protecting yourself from a phishing PayPal Scam

Prevention is the best defence against PayPal scams. Follow these essential tips to safeguard your PayPal account and personal information:

  • Never click on unverified links or open attachments: Avoid clicking on links or opening attachments from unknown or suspicious sources. Instead, visit the official PayPal website directly by typing the URL into your browser.
  • Verify the sender’s address and URL: Always scrutinize the sender’s email address and double-check URLs before clicking on them. Legitimate PayPal communications will come from “@paypal.com.”
  • Log in directly: When accessing your PayPal account, use the official PayPal website or the secure mobile app. Do not click on links in emails or texts claiming to be from PayPal.
  • Use strong, unique passwords: Create strong, unique passwords for your PayPal account and change them regularly. Consider using a reliable password manager to help generate and store complex passwords.
  • Enable two-factor authentication (2FA): Activate 2FA for your PayPal account and other online accounts whenever possible. This adds an extra layer of security by requiring a secondary authentication method.
  •  Report suspicious emails: If you receive a suspicious email or text claiming to be from PayPal, forward it to PayPal’s official email address for reporting: spoof@paypal.com.

Responding to a PayPal Scam

If, despite your best efforts, you fall victim to a PayPal text or email scam, it’s essential to act swiftly to minimize the damage. Here are the steps to follow:

  1.  Contact your bank or credit card company: Immediately get in touch with your bank or credit card company to inform them of any fraudulent transactions. They can help you halt unauthorized payments and initiate an investigation. 
  2. Change your PayPal password and security questions: Log in to your PayPal account (via the official website or app) and change your password and security questions to regain control of your account.
  3. Review your account activity: Thoroughly review your PayPal account activity to identify any unauthorized transactions. Report these to PayPal through their Resolution Center, which can be accessed from your account dashboard.
  4. Report the scam: Report the scam to PayPal by forwarding the suspicious email or text to spoof@paypal.com. Include any relevant information about the fraudulent communication.
  5. File a complaint: Contact your local law enforcement authorities and file a complaint about the scam. 

Minimising the impact of a phishing PayPal Scam

PayPal scams are a significant threat in the digital world, and scammers are becoming increasingly skilled at crafting convincing fraudulent emails and texts. However, if you know what to look out for and take care, you can protect yourself from falling victim to these schemes. 

Always be cautious of unsolicited emails or texts, verify sender information, and never provide sensitive information online. In the unfortunate event that you do become a victim of a PayPal scam, remember to take immediate action by contacting your bank, changing your PayPal password, reviewing your account activity, reporting the scam, and filing complaints with relevant authorities. 

By staying informed and proactive, you can minimise risk and avoid scammers’ attempts and keep your finances and personal information secure. 

Profile image of Alistair Nestor
Alistair Nestor
Communications lead

Alistair didn’t choose the print management life; the print management life chose him. As the resident PaperCut communications guy, he’s real word good at saying things.

Related articles

Detecting and Debunking AI-Generated Political Content Cybersecurity threats in elections - A 2024 guide! The internet of (unsecured) things: securing the smart home and beyond The top 8 password managers in 2024