With over 429 million active accounts, PayPal is one of the most widely used online payment platforms. But its popularity also makes it a prime target for scammers. A new PayPal phishing scam is making the rounds, and even cyber security experts have been fooled by its sophistication. Officials are now warning users to stay vigilant. Read on to learn how this scam works, how to spot fraudulent PayPal emails, and what steps to take if you’ve been targeted.

Life

Zelle Scams: How to Protect Your Money and Avoid Common Frauds

Sending money to other people has never been easier. Whether paying for goods and services or sending money to someone for a special occasion, Venmo, CashApp and Zelle can transfer your money in minutes. However, these platforms also give way to fraud and theft. With Zelle scams on the rise, keeping your finances safe is […]

What is the PayPal scam?

PayPal is an online payment system that offers people the chance to receive and send money virtually. It also allows users the ability to link their account to their debit card, credit card or bank account for online purchases with the promise that the information is secure and encrypted.

Unfortunately, PayPal users’ financial information is now at risk of being anything but secure thanks to a new cyber scam. In this phishing-style scam, bad actors are targeting people with fake invoices requesting payment.

How the PayPal scam works

In this scam, an email pops into your inbox claiming to be from PayPal. Like other phishing attempts, there’s often a false sense of urgency to get the recipient to act quickly without suspicion.

Carl Windsor, the chief information security officer for cyber security company Fortinet, shared his experience with this scam in a blog post. The email he received had a subject line of “Reminder: You’ve still got a money request.” The message then encouraged him to click on a link that appeared to redirect Windsor to a login page for PayPal.

In other instances, officials are warning that the scammer will include a toll-free number and ask the recipient to call to get the matter straightened out. That phone number is linked directly to the scammer, not the official PayPal customer service.  

Why this scam is a concern

Compared to other email scams, this attempt seemed less obvious to even a security expert like Windsor. In the message he received, the sender appeared to be “service@paypal.com” and even the link for the log-in page looked legitimate at first glance.

But anyone who clicks on it and enters their information gets their account linked to that of the scammer. This means the cyber thief gets to take control of the victim’s PayPal account without their consent or knowledge.

Similar concerns arise with other forms of the scam. If someone calls the phony number in this phishing email, the scammer will attempt to steal personal and financial information. This can be used for identity theft or to gain access to the victim’s money.

What to do if you’re a victim

If you accidentally fall for this scam, it’s best to report the activity right away. Not only should you contact PayPal, but you’ll want to reach out to your bank and/or credit card company.

It’s also a good idea to contact local law enforcement and the Federal Trade Commission if you need to submit a fraud report or identity theft report.  Placing a fraud alert with credit bureaus can keep your identity safe, as well.

Even if you only received a suspicious email and haven’t taken any action, it’s worth letting PayPal’s customer service team know to alert them.

Life

Mail Theft Check Fraud Is Surging—Here’s How to Protect Yourself

Though only 61% of Americans wrote a check in the last year according to a 2024 survey, officials are still warning people about crime trends related to paper checks. It’s easy to see why; two men in Michigan were recently charged for stealing checks believed to be worth more than $1 million in total. Wondering […]

How to protect yourself from PayPal scams

With this PayPal scam on the rise, staying vigilant can help protect your information and money. Follow these tips to stay safe:

• Watch for generic greetings. According to PayPal, an email will always address you by the full name listed in your account. It will never say something like “Hello, PayPal member.”
• Type the URL yourself. Even if the link included in an email looks legitimate, clicking on it could result in malware or lead to a fake website designed to steal information. Instead, manually enter the PayPal website.
• Ensure PayPal’s logo is included. The company says its logo and a checkmark will appear in your email inbox view to prove it’s legitimate. Many email service providers offer this now to help weed out phishing emails.
• Avoid returning an automated phone call. It’s easy for scammers to leave messages and ask victims to call them back concerning their accounts.Instead, contact the PayPal customer service team directly at 1-888-221-1161. (Note: Caller ID can also be faked so it’s best not to assume a call from “PayPal” is legitimate).
• Guard personal information. Don’t share personal, credit card or bank information via text, email or phone. PayPal also points out that a customer service rep shouldn’t ask for information related to your account (such as passwords or validation codes).