Get powerful protection against online scams with Avast One
- Security
- Privacy
- Performance
As one of the leading online payment systems, PayPal has a reputation for being a safe and easy way to send and receive money. But no payment system is completely immune to scams. Read on to learn about PayPal scams, how to avoid them, and how to keep all your online accounts more secure with multipurpose security software like Avast One.
PayPal is not a scam — it’s generally a safe, reliable online payment system used by millions of people worldwide. However, scammers have been known to use PayPal to fool strangers into transferring money or sharing login information via fake links. PayPal scams are usually carried out through fake emails or texts designed to look like they come from PayPal.
This Article Contains :
PayPal scammers use social engineering tactics to get you to click fake PayPal links, enter your credit card details, or send money to them. For instance, a malicious link might take you to a clone site that looks trustworthy and real but is really a fake, and you’re actually sending your login or payment details directly to a fraudster.
Yes, PayPal is a secure and trustworthy platform. It uses end-to-end encryption and two-factor authentication to secure transactions. PayPal even monitors transactions around the clock.
You shouldn’t be afraid to use PayPal, but you should always ensure you’re using the real site or app. And be wary of messages urging you to click a PayPal link, because they might be scammers using phishing tactics, like claiming that a cash prize awaits you.
No online transaction can be 100% secure, but PayPal does a lot to make your transactions as secure as possible. In summary, PayPal is a safe and reliable way to send money when you know what you’re doing, but receiving money from strangers should be avoided as there may be an ulterior motive.
The most common PayPal scams include phishing, Bitcoin scams, overpayment scams, and invoice scams. They usually involve social engineering tactics to trick you into entering your address, credit card info, or password. You may also fall victim by clicking a link that downloads malware to your device.
Learn how to spot a PayPal scam by reading on.
1. Phishing scamsMost PayPal scams begin with some type of phishing attack. Phishing is when a fraudulent email or text is sent to trick you into divulging personal data or clicking a link to a fake website that could infect your device with viruses or other malware. Hackers can create PayPal malware to access a person’s information like passwords and credit card numbers.
PayPal emails can be spoofed, making it even harder to spot the scam. An example PayPal phishing scam is an email that appears to be from PayPal saying there’s a problem with your account and that you must click the link to correct it. But the link doesn’t lead to the real PayPal website. Instead, you’re sent to a fake PayPal website. When you “log in,” you give the scammers access to your real account — and your money.
Other PayPal phishing attacks target specific individuals, otherwise known as spear phishing. These fake PayPal emails may ask you to confirm your account information or shipping details. If you’re an Apple user, scammers may also target your Apple ID in phishing scams.
2. Bitcoin scamsA PayPal Bitcoin scam email usually involves getting an “invoice” for Bitcoin or other cryptocurrency purchases. It will include a phone number to call if you have any questions and the person on the other end will attempt to extract personal or financial information from you to stop the “order” being processed.
Likewise, in advance-payment scams, a small Bitcoin investment may be requested with the false promise of generating a large return. Beware that crypto scams often contain elements of other scams too — their goal could be to infect your computer through a malicious link with cryptojacking malware.
3. Overpayment scamsAny time you engage in e-commerce, watch out for overpayment scams. In overpayment scams, a buyer deliberately overpays for an item and asks the seller to refund them for the difference. But instead of letting the original payment stand, the buyer cancels the overpayment, leaving the seller with less money and maybe even without the item they sold.
Any overpaid transaction on PayPal should be canceled immediately, as it’s most likely a scam. Thankfully, because PayPal is a secure payment platform, you can easily reverse PayPal payments if you act quickly.
4. Invoice scamsAn invoice scam appears as a legitimate invoice demanding immediate payment, but it's actually a trick to get you to send money or provide personal details. The email will look convincing, with business logos and serial numbers, but it's all a ruse for a service or product you never ordered.
Invoice scammers often require payment in cryptocurrency to make tracing and disputing the payment impossible, a tactic known as a Bitcoin invoice scam.
5. Shipping address scamsIn shipping address scams, the scammer provides an invalid delivery address, then contacts the delivery company directly to update the address and receive the package. But because the original delivery address is invalid, the scammer can complain to PayPal that they never received the package and ask for a refund.
Scammers pull this off in a few different ways. They might request a preferred shipping method or company, or send a prepaid shipping label to the seller. By doing this, the buyer has the ability to reroute the package to the correct address without the seller knowing. And because the fake address is what’s on the transaction details, PayPal may grant the refund.
To avoid this type of PayPal refund scam, ensure proof of delivery (in which the buyer has to sign when receiving the goods) and never agree to change the delivery address once payment has been made.
6. Advance-payment scamsIn advance-payment scams, you’re informed that a large payment is on the way (such as an inheritance or lottery winnings), but first you must pay a relatively small deposit or provide personal information. While the payment address they provide is real, the money you’re promised to receive is fake.
This scam can also come in the form of a fake PayPal payment confirmation. You’re shown a fake PayPal balance, stating that you have thousands of dollars in your account, and you just have to confirm the deposit — but if you follow the link, you end up losing money. Thankfully, PayPal protects against fraud by monitoring transactions, but some scams still slip through the cracks.
7. Fake or hacked account scamsSome PayPal scammers make up fake accounts saying they’re connected to a charity, then ask for donations. The email or website may be spoofed, or look convincing enough to be considered legitimate. They may even use a spoofed phone number as their contact.
Be sure to check the recipient’s details carefully and look into the legitimacy of the charity. If you find a legitimate website from the charity soliciting donations, then donate directly through the website, not through email links.
If your account has been locked unexpectedly or you suddenly start getting strange notifications, that may be a sign that your PayPal account has been hacked and is being used by scammers for nefarious ends.
8. Fake payment scamsFake PayPal payment scams target merchants. These scams begin with the supposed buyer sending a fake PayPal payment confirmation email. The seller sends the goods, believing the payment has been received. Only later do they realize the payment was fake.
While PayPal can’t recover the item without proof of transaction, you can confirm whether the email is legitimate by taking a screenshot and reporting it to PayPal to confirm.
Other types of PayPal scams include romance scams and tech support scams. While PayPal is generally a safe service for online transactions with small businesses, be wary of any situations that leave you questioning the legitimacy of a transaction — both as a buyer and seller.
9. Job scamsPayPal job scams are unlike other scams because they don’t happen through emails. You’ll get a message on Telegram or another messaging service claiming that your number was found on a networking site and there’s a job opportunity for you.
The purported job may entail watching a short video, writing reviews, or liking posts in an app. At first, your new contact will send you money for completing the tasks. Real money with no strings attached. However, after a certain point, you’ll need to deposit money in order to continue earning. Your earnings appear to go up and up, but soon you end up depositing a lot more money than you ever actually received.
PayPal sends emails only for payment notifications, receipts, and promotional purposes. All other PayPal account communications are issued directly on their website or app. Any emails that PayPal sends out will address you by name, not with an impersonal greeting like “Dear User.”
The primary email address for PayPal is paypal@mail.paypal.com, and this is the address that’s usually used to send account statements and notifications of changes. PayPal sends receipts via the email address service@paypal.com. The email address paypal.me is also a legitimate address meant for sharing your PayPal account and sending money more quickly and easily.
PayPal has a standard procedure for reporting a scam. Phishing emails should be forwarded to phishing@paypal.com, and the email should be deleted from your inbox. If you think your account may have been compromised, change your password immediately and update your security questions before using your PayPal account again.
If you suspect a scam related to unauthorized use or fraudulent activity, use the “Report a Problem” feature in the PayPal Resolution Center. From there, select the transaction to dispute and follow the instructions. If the scam resulted in a stolen identity, report the identity theft to the relevant authorities.
If you’ve been scammed, cease all communications with the scammer and change your password to something strong to prevent unauthorized access to your account. Then, report the scam to PayPal’s Resolution Center and your local police department.
By reporting the scam to PayPal, they may give you a refund if you’ve lost money. And while reporting to the police will do little to help recover your funds after a scam, it may help prevent the scammer from striking again in the future.
If you think your information may have been compromised as the result of a scam, data protection tools like Avast BreachGuard can help you find out if your personal info has been compromised so you can take the necessary steps to secure your data. Avast BreachGuard automatically notifies you if your personal information appears in any data breaches, giving you a head start on changing passwords and securing your online accounts.
To help avoid being scammed on PayPal (or any other payment platform), verify the authenticity of each email and transaction before you share personal or financial information, or before you send goods to a buyer. And don’t accept money from a stranger.
Follow these basic tips to help you avoid scams on PayPal and other platforms:
Don’t click links in emails appearing to be from PayPal. If there is an issue with your account, log into PayPal directly and go from there. You can avoid the vast majority of threats this way.
Don’t share personal information such as passwords or other login data.
Don’t let strangers send you money via direct payment or trick you with gift card scams.
Don’t accept random requests from people you know — they may be Cash App scams or Venmo scams.
Don’t select the family and friends option unless they really are family or friends.
Use credit cards since debit cards grant access to your bank account, while credit cards don’t. Plus, if PayPal can’t give you a refund when scammed, your credit card company might.
Don’t use unfamiliar delivery services that you’ve never heard of or don’t trust.
Check for spelling errors or an unusual domain in the email address, such as .vip, .gdn, .win. These are telltale signs of suspicious activity.
Sign up for PayPal’s Seller Protection Program for additional fraud protection if you’re an online seller.
Be skeptical if something seems too good to be true, like a huge amount of promised cash.
A great way to guard against PayPal scams is to make sure your own device is protected. Avast One is a powerful security solution with an award-winning threat-detection engine that helps protect against suspicious sites and block malware-infected links. Get Avast One today to help protect against PayPal scams and other online threats.