Scammers rely on striking an engagement and building trust with the target to pull off their scams. If you immediately become suspicious, the scam may fail. That’s why fraudsters rely on powerful emotional triggers such as the fear of losing money. You will notice this recurring theme in many PayPal email scams.
1. “Your Account Has a Problem” — scam
This fake PayPal email scam may play out in several scenarios. Its underlying characteristic is that you will receive a notification that there is a problem with your account, for instance:
- We have limited your account because of suspicious account activity;
- We are moving to a new system and require customers to update their information;
- There is an issue with a recent transaction.
There will be a link with a convincing CTA such as “Secure Your Account.”
2. Unusual Activity or Unknown Device Login
The PayPal fraudsters may send an email claiming that they have detected unusual activity or login from an unknown device. The email may have a link asking users to “Click here to confirm your identity.”
Credits: Vade Secure
3. You made an unauthorised payment
Another PayPal email that definitely gets attention may claim that you made a payment that you don't remember making or authorising, as with this example shared by the University of Delaware.
Credits: University of Delaware.
4. Chargeback scam
The scam may target sellers. After executing a sale, you receive an update that money has been deposited in your account. Naturally, you ship the item or give it out. The scammer then proceeds to report that their account was hacked, which may prompt PayPal to reimburse the funds from your account.
You should also be aware of more PayPal scams, as they may come in different forms.
What happens after clicking on Fake PayPal emails
The most likely scenario is that you’re redirected to a nearly identical PayPal site. It may have a form that asks for all your information.
The message may have a phone number. If you call it, you may end up speaking to a highly convincing scammer. Even if the scam doesn’t go through, the fraudster may sell your information on the dark web.
How to recognise a genuine email from PayPal to avoid a scam
Remember that a scam kicks off the moment you engage with the scammer's message. The best line of defence is simply ignoring a PayPal scam email. How do you tell which messages are genuine?
- Hover over the URL to check the link and confirm the address. It should start with https:// followed by paypal.com;
- Check for a heightened sense of urgency “Act Now!”;
- Check for typos or poor grammar;
- PayPal never asks for a credit card, bank account, driver’s license, or National Insurance Numbers in emails;
- Never click on any attachment.
As a policy, you can adopt the approach of never clicking on any link in a PayPal email. Instead, make it a habit of visiting the main website directly and checking for new notifications.
PayPal scam texts and calls on mobile
Scammers know that many people have their guard up whenever they browse the web. They have turned to SMS (Smishing) and phone scams (Phishing).
Some common PayPal phishing texts include:
- “You spent £50 with PayPal. If you did not make the transaction, call us immediately.”
- “Your account has been suspended…”
If you call the number in the smishing text, you may end up speaking to a scammer. They may ask for banking details or convince you to do something else.
Similarly, you can receive an automated call. The pre-recorded message may inform you of a possible fraudulent transaction in process. You may receive a prompt to enter your password to halt the transaction immediately.
How do I report a PayPal scammer?
PayPal recommends forwarding the suspect email in its entirety to its security team at firstname.lastname@example.org for further investigation. Forward suspicious text messages to 7726. Additionally, you can report the phishing attempt to the police through Action Fraud.
Available on Web, iOS, and Android.