PayPal Scams – What They Are & How to Avoid Them

Stephanie Faris
Writer
Dolores Bernal
Editor
December 4, 2023
paypal app

Credit: Brett Jordan

Like many of us, I’ve had a PayPal account for years.

I remember using it for the first time when I began shopping on eBay. 

Maybe I’m old-fashioned, but I prefer my PayPal account more than newer digital payment methods like Venmo and Apple Wallet. 

I can still recall a few scam emails I got in the early 2000s. Since I worked in information systems at the time, I knew better than to click links. I’d cleaned up more than a few viruses caused by those clicks. I always went straight to PayPal, logged in, and checked to see if there were any issues with my account.

But it’s not as easy to avoid scams these days. PayPal scammers can be pretty creative in getting you to click. It can be hard to tell what’s real and what’s phony.

Luckily, we’re here to help.

What are PayPal Scams?

PayPal is an online payment solution that lets you send funds to friends and family, pay for purchases in online marketplaces, and buy items from websites without sharing your payment details. With more than 430 million active accounts in 200 different markets worldwide, PayPal is still a vital part of the payment landscape.

Unfortunately, all that success makes PayPal a target for fraud. Over the years, more and more scams have emerged, putting all of us with an account at risk.

What’s the first step to keeping our money safe? Knowing the risks.

Scammers have gotten more sophisticated as people have learned to spot the red flags. Maybe someone tricks you into donating money to a fake charity. Or, you could get an email with a link that asks for your username and password.

That’s only the tip of the iceberg, though. Below are the many different types of scams that can strike anyone with a PayPal account.

✎ Related Scams Involving Peer-to-Peer Payment Apps:

13 Common Types of PayPal Scams

  1. Fake Order Confirmations
  2. Account Suspension Warnings
  3. Fake Invoices
  4. Shipping Address Scams
  5. Suspicious Account Activity Warning
  6. Seller Scams
  7. Cash Rebates/Rewards Scams
  8. Charity Scams
  9. Overpayment Scams
  10. Account Verification Emails
  11. Advance-fee Scams
  12. Funds on Hold Warnings
  13. Return Policy Abuse

1. Fake Order Confirmations

What is it? You receive an email from PayPal letting you know an item has shipped. The problem? You didn’t order that item. Often, it’s a high-dollar product like a smartphone. You’ll be provided contact information, but when you call, you’re asked for sensitive data like a password or credit card number.

How to spot it: The email usually appears to have come from PayPal, complete with branding and an order number or purchase ID. However, these fake emails direct you to a phone number to call “for disputes” or, to an illegitimate website.

How to avoid it: Never click on links or call phone numbers found in an email. If you have a question, contact PayPal through its website or by calling customer service.

2. Account Suspension Warnings

What is it? With this scam, you receive an email or text letting you know that your PayPal account has been put on hold or limited until you confirm your information. All you have to do is click on a link and input some information. Don’t do it.

How to spot it: Unfortunately, PayPal does send similar emails, so it can be tough to spot the difference. PayPal claims it will never ask you to enter your password anywhere but on the main login page. The issue is that spoofers can create a realistic-looking PayPal landing page and fool you.

How to avoid it: The best thing to do is go to Paypal.com and log in if you receive a notice like this. If you receive a suspicious email, forward it to phishing@paypal.com and call PayPal to check if there is any suspicious activity in your account.

3. Fake Invoices

What is it? You receive an invoice in an email that appears legitimate. It may list a seller name like Bitcoin Exchange, or it may simply say that it’s from PayPal. The email states that all you have to do is click on the button and pay. In most fake invoice scams, the invoice comes from PayPal, but you don’t owe money to the person who sent it.

How to spot it: The biggest sign that you’ve received a fake invoice is that you aren’t expecting it. Above the invoice, you should see your full name. Legitimate PayPal invoices will always address you by your name. You can also look closely at the phone number on the invoice and make sure it matches one of PayPal’s customer support numbers.

How to avoid it: Never click on links or call phone numbers on invoices you weren’t expecting. 

4. Shipping Address Scams

What is it? You’ve sold an item, but soon after, someone claiming to be the buyer reaches out and asks you to ship to a different address. In some cases, the scammer says that the wrong mailing address was provided in the first place. The shipping company marks the item as undeliverable. At that point, the buyer reaches out to the shipper and asks that the package be rerouted to them. At the same time, the buyer lies to PayPal, saying the item was undeliverable to get a refund. As the seller, you lose both the money and the product.

How to spot it: PayPal provides a mailing address on the transaction details page after someone pays. If someone is asking you to send the package anywhere else, that’s a red flag.

How to avoid it: Always ship only to the address on the transaction details page. Your PayPal seller protection will only cover you if you use that address.

5. Suspicious Account Activity Warning

What is it? Suspicious activity alerts are designed to protect you, right? So, it’s interesting that fraudsters use these messages to scam people too! With this scam, you receive an email, text, or phone call stating that there’s been unusual activity on your account. You’re directed to click on a link or, if by phone, respond with details like your username and password. You may then be asked to verify details like your phone number and mailing address. Don’t do it.

How to spot it: The communication can seem legitimate, but the urgent wording is designed to get you to click without thinking. While PayPal does send these types of messages, there can be telltale signs like misspelled words or poor grammar.

How to avoid it: Better safe than sorry. If you receive this type of email, contact PayPal directly to ask if there are really any issues with your account.

6. Seller Scams

What is it? You no longer have to go through a business to buy items. You can find items for sale on Facebook Marketplace or on sites like Etsy or eBay. However, marketplaces can also be hot spots for scammers. With seller scams, someone posts an item for sale, collects your payment, and then vanishes without shipping the item. On eBay and Etsy, you can check reviews to make sure the seller is legitimate, but this isn’t an option with Facebook Marketplace.

How to spot it: Anyone can steal a picture of an item and claim to have it. Ask questions before buying, and if the seller wants you to pay using PayPal Friends and Family, it could be a red flag. PayPal Buyer Protection does not cover purchases marked Friends and Family. 

How to avoid it: Always choose “Goods and Services” when sending money to strangers through PayPal. If the seller doesn’t follow through, you can dispute the transaction and potentially get your money back. Before sending money, research the seller’s history, including reviews.

7. Cash Rebates/Rewards Scams

What is it? It can be so exciting to win a prize. This scam takes advantage of that, promising PayPal account holders a prize or rebate. All you have to do is click to claim your prize. Once you click, you’re prompted to log into your PayPal account. The problem is, there’s no prize, and the scammer just captured your username and password.

How to spot it: You should never have to enter any information to claim a reward. Chances are, the message won’t reference a contest you entered. These out-of-the-blue emails should always be eyed with suspicion.

How to avoid it: Even if an award or rebate is legitimate, refuse to provide any financial or account information to claim your reward.

8. Charity Scams

What is it? I love how easy the internet has made it to donate to friends, relatives, and charitable nonprofits. Unfortunately, that convenience brings scammers. With this type of scam, a fraudster poses as a charity and solicits funds, providing a link to pay using your PayPal account. Unfortunately, there’s no charity, and the scammer pockets the money and runs. GoFundMe has become particularly prone to these sorts of scams, since a fundraiser can be shared on social media, gathering large sums of money before anyone finds out that it’s not legit.

How to spot it: Obviously, you can research a charity to make sure it’s legitimate, but a scammer can claim to be collecting for a legitimate charity. One telltale sign of a charity scam is urgent messaging. The person who contacts you will act as though the money is necessary “now.” 

How to avoid it: If you have doubts, reach out to the charity and ask if this person is a true representative of the organization. If possible, give directly to the charities you want to support rather than going through a middleman.

9. Overpayment Scams

What is it? You receive payment for an item, but on closer inspection, you notice the person sent too much money. When you reach out, the buyer asks you to refund the difference to a separate account. You fulfill the request and ship the item, only to later learn the original purchase was made with a stolen card or hacked account. The owner of the hacked account might even issue a dispute for the purchase.

How to spot it: With any overpayment, proceed with caution. If someone is asking you to refund the money to a separate account, there’s even more reason for concern.

How to avoid it: Only refund money to the same PayPal account that initiated the transaction. To play it safe, you could also refund the full payment and require the buyer to submit the correct amount before shipping the item.

10. Account Verification Emails

What is it? I have to admit, when I see an email saying my account needs to be verified,  I’m almost fooled. I’m always tempted to click, but I know that the links in these emails often take you straight to a page that captures login credentials. It’s a very common PayPal scam.

How to spot it: The email will often contain language designed to scare you into clicking. Be on alert for typos and grammatical errors in the email. However, even if the email is flawless and looks legitimate, don’t click.

How to avoid it: Instead of clicking, go straight to the PayPal website and log in. If you see nothing wrong with your account but you’re still concerned, reach out to customer service and ask if they need anything from you.

11. Advance-fee Scams

What is it? You’re “entitled” to a $3,000 payment, but first, “we just need a $500 deposit from you.” You send the $500 and nothing happens, or worse, the scammer keeps pressuring you for more money. This scam can also include a legitimate-looking verification that the funds have been deposited in your PayPal account. The money will be available to you once you deposit the upfront fee.

How to spot it: You should never have to pay a fee to access money you didn’t even know was coming to you. Any such message should be immediately questioned.

How to avoid it: If you receive any unexpected email requesting payment, research it thoroughly before responding.

12. Funds on Hold Warnings

What is it? If you ever sell items using PayPal, this one applies to you. You’ll sell the item, then receive an email from the buyer saying they’ve deposited the funds but they’re on hold until you submit a tracking number. The email will look like it came directly from PayPal, but when you ship the item, you never receive payment.

How to spot it: PayPal doesn’t put funds on hold to wait for shipping information. All transactions are between sellers and buyers. 

How to avoid it: Regardless of the payment method, you shouldn’t ship an item until you’ve verified funds are safely in your account.

13. Return Policy Abuse

What is it? Buyers expect flexible return policies, but this can open the door to scammers. They buy an item and then claim something was wrong with it to get a refund. The hope is that they can keep the item and the money. In some cases, the buyer only needs the item for a limited time and has no problem shipping it back to you in return for a full refund.

How to spot it: Unfortunately, you won’t know that this type of fraud is happening until it’s too late. It’s tough to differentiate between legitimate returns and fraudulent ones. Not refunding at all can hurt you, as some customers are skeptical of buying from sellers without a return policy.

How to avoid it: Make sure there is a defined return policy, and always ship using a method that can be tracked. This will allow you to dispute any claim that an item was never received. PayPal has a process for investigating return fraud, so if you suspect a return is fraudulent, make sure you report it.

In another PayPal scam, scammers trick victims into sharing Steam gift card codes in exchange for promised PayPal repayment.

How to Avoid PayPal Scam?

If all these scams have you thinking about going back to cash, don’t delete your account just yet. There are some things you can do to keep yourself safe.

Here’s the thing:

All these steps are best practices for all your websites, especially those that involve your finances.

Take these one step at a time, and soon, you’ll be able to send and receive money without stressing.

1. Practice good password hygiene

Keeping your account safe starts at the login level. If someone can log in as you, they’ll have full access to your funds. There are a couple of things you can do to protect your account access.

Use Strong Passwords

Yes, it can be tough to remember long passwords with a combination of uppercase and lowercase letters, numbers, and special characters, but those are tougher to crack. Longer, complex passwords will keep you safer. If you have a tough time remembering your passwords, so will a hacker or scammer. A password manager can help you keep up with all those passwords.

Enable Multi-Factor Authentication

I think we all know by now that PayPal accounts can be hacked.

With multi-factor authentication, you put an extra layer between you and hackers. Think of it as living in a gated community with a gate protecting your house, too. The more you can do to secure yourself, the less likely there will be a breach.

Setting up Paypal’s multi-factor authentication is a fairly simple process:

  • Hover over your name in the upper-right corner
  • Choose “Profile Settings”
  • Scroll down to “2-Step Verification”
  • Select “Update”
  • Choose “Use an Authenticator App,” then follow the steps from there

2. Don’t use friends and family to pay strangers

PayPal offers two options for paying someone. Friends and Family is designed for those you know in person. If you’re repaying your buddy for your share of a pizza or chipping in for a vacation rental, the friends and family option will let you send those funds without fees.

The other option, “Goods and Services,” is designed for everything else. You’ll pay fees, but you’ll also get purchase protection. If something goes wrong with the transaction, you can dispute it and possibly get your money back.

Any time you use the friends and family option, ask yourself what would happen if something went wrong. Chances are, if it’s someone you don’t know, the answer will drive you to choose the “Goods and Services” option.

3. Report fraud and abuse

If you experience fraud and abuse on any marketplace, it’s important to report the user. Doing so helps keep these platforms safe.

On PayPal, you do this through the fraud reporting section of the site. In most cases, you’ll be directed to the Resolution Center, where you can input information and get a case number that you can then track.

You may need to go beyond PayPal if your credit card or banking information was compromised. At that point, you’ll need to contact the card issuer or your bank. In some cases, it may even be necessary to file a police report.

4. Research recipients

If you’re buying items online, always take the time to research the recipients. This applies if you’re donating to a charity as well. Make sure the money is going where you think it is. If you’re sending money to an online seller, do your best to look for previous reviews, and if you can’t find any, don’t click the “Pay” button.

5. Keep all transactions on PayPal

Often scammers operate by trying to convince you to work outside of PayPal. For instance, someone who overpaid might ask you to refund the overage using a wire transfer. Once you’ve left the PayPal platform, you lose any protection you might have had.

It’s also important to ship only to the addresses listed on the “Transaction Details” page. Try to use a shipment method that can be tracked. If the buyer claims the item never arrived, this tracking information will be crucial to responding to any dispute.

6. Verify all transactions on PayPal

Even if you’re selling multiple items every week, it’s important to set up a system that ensures you don’t ship until payment is in your account. If you do receive an email from a buyer stating funds have been sent, check your account and make sure you see the money there before you ship.

7. When in doubt, contact PayPal

PayPal has multiple ways to contact customer service with questions about your account:

  • Message: To send a message inside PayPal, log into your account and choose “New Message” from the message center.
  • PayPal app: Once you’re logged into the PayPal app, tap on your profile photo, choose “Message Center.”
  • Facebook: Contact PayPal through their Facebook page.
  • Twitter: Tweet @AskPayPal.
  • Contact Us Website: On the Contact Us site, select the reason you need help from the drop-down box and follow the suggested steps.

What to Do If You’ve Been Scammed on PayPal?

If you’ve already been scammed, all is not lost. There are a few things you can do. If PayPal doesn’t get your money back, at least you’ll protect yourself and possibly others from further damage.

1. Cancel the payment

In some instances, you can stop the payment, but it’s important that you act quickly. If the payment hasn’t been claimed yet, you may be able to cancel it. To do this, go to “Activity” and find the payment on the list. If “Cancel” is an option, select it. Follow the prompts to finalize the cancellation, then report the fraud attempt.

2. Dispute the transaction

Once the payment has gone through, you may need to file a dispute. The first step should be to reach out to the seller and try to resolve it between yourselves. If this doesn’t work, log into your account and go to the dispute resolution center. Follow the steps to dispute the transaction.

3. Monitor your accounts

Money isn’t the only thing you can lose in a PayPal scam. If your PayPal or financial information has been compromised, it’s important to take steps to protect both your accounts and your credit score.

Change All Passwords

It can take some extra work, but it will be well worth it if it saves you from identity theft. Change your password on every account that might have been affected. Set up multi-factor authentication if available, including on PayPal and your bank account.

Read Tips to Protect Your Passwords Better

Report to PayPal

PayPal’s Security Center makes it easy to report fraudulent activity. Simply choose your fraud type and follow the steps to report it. If you’ve received a phishing attempt through email, don’t click on any links or download any attachments. Instead, forward the email to phishing@paypal.com, then delete it from your inbox.

Check Compromised Devices

Hopefully, you’ve refrained from clicking on any links or downloading any files, but if you suspect you might have, it’s important to check for malware. Viruses can lurk in the background, slowing down your device and capturing your information. Invest in antivirus and scan your device until it is thoroughly cleaned. There are some stubborn viruses that may require you to reinstall your operating system to completely remove them.

Consider Identity Fraud Protection

For a little extra peace of mind, consider investing in identity fraud protection. It’s an affordable way to protect your credit against fraud. With identity fraud protection, the cost of recovery will be covered, at least in part, by your policy.

4. Block the user

To keep PayPal safe for future use, make sure you block the scammer. Chances are, the person won’t try to scam you again, but the act of blocking them can be freeing. To block someone on PayPal, once you’re logged into the account, click “Send and Request,” then click “Contacts,” find the person you want to block on the list, then tap on “Block This Contact.”

PayPal brings convenience and a level of protection because you can buy online without sharing your credit card information. However, the app can attract scammers. Knowing the various scams that exist can help you protect yourself against them.