13 PayPal scams to know and avoid in 2023

A man writing down ways to protect himself from online scams.

What Is a PayPal scam?

A PayPal scam is a scam targeted toward PayPal users, often using phishing emails and social engineering tactics for financial gain.


Imagine you’re scrolling through your inbox, and you get an email warning you that your PayPal account has been compromised.  

You immediately start to panic, as all your credit and debit cards are attached to your account.  

After reading the email, you realize that all you must do to secure your account is follow the link and log in using your email and password.  

Seems easy enough, right? 

Unfortunately, this email may be what is threatening your account, as scammers have created numerous PayPal scams to take advantage of the popular payment platform’s users, including:  

  1. Overpayment scams
  2. Fake verification scams
  3. Shipping address scams
  4. Fake payment scams
  5. Advance payment scams
  6. Smishing scams
  7. Fake promotional offer scams
  8. Hacked account scams
  9. Alternate payment method scams
  10. Payment pending scams
  11. Vishing scams
  12. Fake charity scams
  13. Fake refund scams

 

Not only that, but there are so many fake PayPal accounts that the company identified and removed nearly 5 million illegitimate accounts in 2021 alone. To help you continue to use PayPal safely, we’ve gathered 13 of the most common PayPal scams, as well as tips to help you spot, avoid, and report these pesky scams.

13 types of PayPal scams

Whether you use PayPal to buy or sell items or to pay friends and family, there are a variety of PayPal scams to be aware of. Keep reading to learn more about the most common PayPal scams to keep an eye on and avoid in 2023.

1. Overpayment scams

A graphic highlights 13 different types of PayPal scams.

In a PayPal overpayment scam, a scammer will purposefully overpay you for a product, likely with a stolen credit card or hijacked PayPal account. Then the scammer will ask you to refund the difference, often to a different account or outside source. Once you’ve refunded the money, the scammer will cancel their original payment, leaving you without your money and the product you were selling.         

  • How to avoid overpayment scams: Instead of sending a refund, cancel the transaction entirely.

2. Fake verification scams

Fake verification scams are a type of PayPal scam that relies on phishing emails. In a fake verification scam, you’ll receive an email that appears as if it’s from PayPal, requesting that you log in to PayPal to verify your account or reset your password.  

Because a PayPal scam email isn’t actually from PayPal, following the link could end up taking you to an unsafe website that is designed to trick you into giving up your login information. The link may also contain other cyberthreats, such as malware.        

  • How to avoid fake verification scams: Instead of clicking a link in an email, visit PayPal’s website directly to  check on your account.

3. Shipping address scams

In this type of PayPal scam, the scammer will intentionally provide an invalid delivery  address when purchasing your product. Then the scammer will directly contact the  delivery company and update their address. Once the scammer receives the package,  they'll claim to PayPal that they never got their package and request a refund.

Scammers can provide this invalid address in many ways, sometimes by requesting a specific shipping method or by sending you a prepaid shipping label with an incorrect address. Because the fake address is what will be listed on the transaction details, PayPal may believe the scammer and grant them a refund.         

  • How to avoid shipping address scams: Only ship the package to the address listed on the Transaction Details page. In addition, avoid using prepaid shipping labels sent by the buyer.

4. Fake payment scams

Another scam that targets sellers are fake PayPal payment scams. In this scam, the scammer will send you a fake PayPal payment confirmation pretending to be from PayPal themselves. If you don’t give the email a careful look, you may believe it’s real and send the scammer your goods without receiving payment.   

Because there will be no official proof of transaction, PayPal will not be able to recover your items, leaving you scammed, without your payment, and without the items you wanted to sell.         

  • How to avoid fake payment scams: Always double-check your account on PayPal’s website to ensure a transaction  is legitimate.

5. Advance payment scams

Another way that PayPal scammers trick PayPal users is with advance payment scams. In an advance payment scam, you’ll be promised a large payment (such as lottery winnings or a gift card) in exchange for a small deposit or personal information. 

In these scams, the PayPal account you’re dealing with is real, but the money you’re promised is fake. If you fall for this type of scam, not only can you lose money, but hackers may use the personal information you provide to try to hack your account or steal your identity.        

  • How to avoid advance payment scams: Avoid giving personal information or distributing funds to an unknown PayPal account.

6. Smishing scams

In a smishing scam, a PayPal scammer will send you an unsolicited text message while impersonating PayPal’s support team. These PayPal spam texts will sometimes contain fraud alert notifications or warnings that they have detected suspicious activity on your account.   

While this may seem legitimate at first, it is likely just a scammer trying to trick you. A PayPal scam text usually contains links to spoofed websites and is designed to steal your login information.        

  • How to avoid smishing scams: Instead of clicking a link in a text message, visit PayPal’s website directly to check on your account.

7. Fake promotional offer scams

Like other types of phishing scams, fake promotional offer scams take place in your text messages or email inbox. The scammer will often use a spoofed email address or phone number to make it seem as if they are contacting you on behalf of PayPal with an enticing promotional offer, such as a $500 bonus. 

To receive the offer, all you have to do is follow the link and enter your PayPal information. Unfortunately, following this link may take you to a malicious website and can end up infecting your device with different types of malware or putting your personal information in danger.         

  • How to avoid fake promotional offer scams: Avoid any offer that sounds too good to be true, as it often is. Also, avoid clicking on suspicious links or giving up personal information to unknown parties. 

8. Hacked account scams

A hacked PayPal account scam is when a hacker gains access to your PayPal account, often after getting login credentials from a phishing attack. Once the attacker has access to your account, they can use it to carry out any PayPal scam they want. In some instances, the hacker may use the hacked account to make as many purchases as they can before the original account owner finds out.    

  • How to avoid hacked account scams: Use strong passwords and two-factor authentication (2FA) to protect your account from hackers.

9. Alternate payment method scams

While alternate payment methods might not be a scam in and of themselves, they are a tactic that some scammers may use to try to leave you defenseless after defrauding you. For example, a PayPal scammer might request to use PayPal’s Friends and Family option rather than a traditional PayPal transaction.   

To convince you to agree, they may point out that this option eliminates certain fees that take place in a normal PayPal transaction. The catch is that paying for goods is not permitted under this payment option, therefore leaving you defenseless in the event you are scammed while using it to buy or sell goods.        

  • How to avoid alternate payment method scams: Avoid using PayPal’s Friends and Family option when selling goods to strangers.

10. Payment pending scams

In a payment pending scam, a scammer will reach out to you pretending to be an interested buyer for whatever it is you’re trying to sell. In the message, they’ll claim that they’ve made the payment but that the funds will not be transferred to you until you provide the shipment tracking number. 

The scammer will then wait for you to ship the product and then disappear without having actually paid you in the first place. Like other types of PayPal schemes, payment pending scams leave you without payment or your product.         

  • How to avoid payment pending scams: Don’t ship any goods until you confirm the transaction has gone through successfully.

11. Vishing scams

This type of PayPal scam takes advantage of both phishing emails and vishing, which is a form of phishing that takes place over the phone. The scammer will first start by sending you an email pretending to be PayPal warning you of a suspicious transaction made on your account. The PayPal spam email will then instruct you to call a specific phone number to cancel the transaction.   

Once you make the call, the person or recording on the other end of the line will attempt to get you to give up your personal information to help secure your account. In reality, this is a complex phishing attack and can put you and your account in danger.     

  • How to avoid vishing scams: Either call PayPal’s support team directly or visit their website to check on your account.

12. Fake charity scams

Unfortunately, scammers may take advantage of natural disasters or unforeseen tragedies to guilt money out of generous people with fake charity scams. In a fake charity scam, the scammer will create a spoofed website to impersonate a legitimate charity and then reach out to people for donations.  

If you fall for the scam, the website will direct your donations either to the scammer’s account or a fake PayPal account they created to impersonate the charity. To avoid this, be sure to always visit the charity’s website directly yourself rather than following any links. This can minimize your chances of ending up on a spoofed site.

  • How to avoid fake charity scams: If you wish to donate to a charity, do your research to make sure it’s reputable and visit its website directly.

13. Fake refund scams

If you ever receive a random PayPal payment, chances are it's not just an accidental mistake. In PayPal refund scams, the scammer will send you a payment and then immediately message you to apologize for the mistake and ask you to return the money.

The hacker benefits from a PayPal refund scam because they’ll send you the money from a hacked PayPal account and then request the refund to be sent to their own personal card or an outside account. Once you follow their instructions, the scammer will take the money and run.        

  • How to avoid fake refund scams: Avoid refunding the money to a different account. Instead, try canceling the transaction or reaching out to PayPal for help.

So, is PayPal safe? How PayPal protects its users 

Luckily, PayPal has implemented two different types of protection to help crack down on PayPal scammers and minimize the damage these scams can cause. But it’s important to keep in mind that not every transaction is covered. To better understand how you’re protected, let’s look at the protection features PayPal offers its buyers and sellers. 

PayPal Buyer Protection

With PayPal Buyer Protection, the purchaser is allowed a full refund of any qualifying transaction. For the transaction to qualify, the buyer must:         

  • Pay with PayPal        
  • Make a singular payment
  • Keep their account in good standing
  • File the complaint within 180 days of the purchase date

This protection only covers physical goods that comply with PayPal’s terms of service. Common examples of items  that are not covered include motorized vehicles, real estate, travel tickets, gift cards, and custom-made items.

PayPal Seller Protection

On the other hand, PayPal also has guidelines in place to help protect sellers. With PayPal Seller Protection, the seller is able to retain the full purchase price in the event something goes wrong. For a sale to qualify, the seller must:        

  • Have a primary address in the U.S.
  • Sell physical, tangible items
  • Ship to the listed address on the Transaction Details page
  • Supply valid proof of shipment or delivery

If the sale meets these requirements, PayPal will ensure that the seller receives their money after delivering the products. Even though PayPal will protect you in the case a transaction is covered by its protection policy, it’s important to pay attention and keep an eye out for any clues that you could be dealing with an online scam

How to spot PayPal scams: 6 warning signs

While these PayPal scams vary in context, many of them share similar traits that can help you identify when you’re dealing with a scam. To quickly detect a PayPal scam, keep an eye out for these six warning signs:         

  • Suspicious display name or email address: Whenever you receive an email that appears to be from PayPal, take a closer look at the sender’s address and display name. Some emails may have “PayPal Support” as the display name even though the email address might be something different, like “paypalhelp8734yh@gmail.com,” for example.
  • Sense of urgency: Many PayPal scammers use social engineering tactics to help create a sense of urgency in their messages. The point of this is to try to get you to act fast and follow their instructions before you notice it’s a scam.
  • Generic greeting: PayPal scam messages often include generic greetings such as “Dear Customer” or “Dear PayPal user.” In a real PayPal email, you’ll be addressed by the name you used when setting up your account. 
  • Requests for personal information: Legitimate PayPal emails will never ask you for sensitive information like your credit card number or password. If you get an email requesting this information, it is likely a scam.
  • Suspicious links or attachments: Even in a realistic-looking email, it's always best to thoroughly observe links before clicking. You can do this by hovering your mouse over the link or by copying and pasting the link address into a text document. It’s also important to note that legitimate PayPal emails will never include attachments, so if you see one, it’s best to treat it as a scam.
  • Spelling and grammatical errors: Unlike real communications from PayPal, messages associated with PayPal scams are often poorly written and riddled with spelling and grammatical errors.  
A graphic highlights the common warning signs of PayPal scams.

With these warning signs in mind, you can confidently use PayPal to buy and sell, knowing you have the  knowledge to help identify any sneaky PayPal scams that may be thrown your way.

How to avoid PayPal scams: 13 cybersecurity tips

Now that you’re aware of PayPal scams and what they look like, you might wonder how you can avoid them altogether. While scammers are always on the move and looking for new ways to trick people, there are tips you can follow to reduce your chances of getting scammed. To help avoid PayPal scams, follow these tips:         

  • Don’t send money outside of PayPal: To ensure you’re protected by PayPal’s Buyer and Seller Protection, it's best to always limit your transactions to PayPal’s official application and website.
  • Avoid clicking on suspicious links and attachments: If you ever receive an email claiming to be from PayPal, avoid clicking any links or attachments and instead visit the website or application yourself. If there are any legitimate concerns with your account, you should be able to monitor the activity directly in your browser or on the app. This can prevent you from accidentally installing any malware or visiting an unsafe site.·        
  • Always choose your desired shipping method: If you're the seller, be sure to choose a shipping service that If you're the seller, be sure to choose a shipping service that you’re comfortable with. If you instead use a prepaid shipping label from the buyer, it's possible you could be sending the package to a fake address created by the seller to scam you.
  • Only ship to the address listed on PayPal: To maximize your chances of protection, only ship to the address listed on the official Transaction Details page on PayPal. By doing so, you’re meeting one of PayPal’s Seller Protection standards and decreasing your chances of falling for a shipping address scam.
  • Disable package rerouting: Depending on your shipping method, it may be possible to prevent the buyer from rerouting your package once it’s shipped. By disabling package rerouting, you can prevent the buyer from altering the shipping address and claiming that they never received the package. 
  • Stick to verified accounts: To verify a PayPal account, users have to prove that they own the financial details associated with their account. While a verified account may still try to scam you, it’s possible that it may be a safer bet than conducting business with an unverified one.
  • Double-check the sender’s email address: Because so many PayPal scams involve phishing emails, you’ll always want to take a closer look at the sender’s email address before engaging with the message. If you’re ever in doubt, visit PayPal’s website directly instead of following any links.
  • Safeguard your personal information: To help avoid PayPal scams, it’s crucial that you safeguard personal information such as your login credentials, credit card numbers, and any other information that could be used to break into your account. Not only can this prevent a PayPal scam, but it could also protect you from identity theft.
  • Enable spam filters: Using spam filters can help keep some PayPal spam emails from ever reaching your inbox. If one does make it through, be sure to block the sender and mark the message as spam.
  • Regularly monitor your account: Keeping a close eye on your PayPal account is a great way to avoid getting scammed. That way, if you ever notice anything suspicious, you can get ahead of it and reach out to PayPal for help. If you don’t monitor your account regularly, it’s possible that a scammer could make transactions on your account without you even knowing.
  • Create a strong password: Whether it’s your PayPal account or your fantasy football login, choosing a secure password is an excellent way to boost your cybersecurity. By using a strong password, you can decrease the chances of your PayPal account being hacked by a scammer.
  • Enable two-factor authentication: Setting up 2FA on your PayPal account is a great way to prevent any intruders from accessing your account. With 2FA enabled, a hacker will have a hard time getting into your account even if they find your password. 
  • Use antivirus software: Installing antivirus software on your device is an effective way to help protect yourself from the threats associated with PayPal scams, including types of malware like ransomware.  
A graphic highlights prevention tips that can help protect you from PayPal scams.

Even after following all these prevention tips, accidents still occur. If you’re affected by a PayPal scam, it’s key that you report the scam and follow PayPal’s instructions. To help you learn more about the reporting process, we’ve gathered the steps you need to take to report a PayPal scam.

What to do if you get scammed on PayPal: How to report a PayPal scam

If you think you’ve been involved in a PayPal scam, one of the most important things you can do is quickly secure your account. You can do this by changing your password and updating your security questions. That way, if a scammer gained access to your account, they’ll now be unable to log back in.  

Next, you’ll want to report the scam to PayPal and follow their instructions based on the specific type of scam you’ve encountered. Below, you’ll find the steps to take for some common PayPal scams.  

If you receive a phishing email that claims to be from PayPal:

  1. Forward the email to phishing@paypal.com.
  2. Delete the email.
  3. If you engaged with the email, log in to your PayPal account and check for any suspicious activity.
  4. Change your password. 

If you receive an email that you believe to be from PayPal:       

  1. Visit PayPal.com or the application directly and log in to your account.
  2. Go to the Message Center.
  3. Review your messages (any legitimate messages from PayPal will be found here) and follow the provided steps. 

If you notice an unauthorized transaction on your account:       

  1. Visit PayPal.com directly and log in to your account.
  2. Navigate to the bottom of any page and click “Resolution Center.”
  3. Click “Report a Problem.”     
  4. Select the unauthorized transaction and then click “Continue.”
  5. Choose “I want to report unauthorized activity.”
  6. Click “Continue.”
  7. Follow the provided instructions. 

If you didn’t get what you paid for or suspect the account you’re dealing with is a scammer:        

  1. Visit PayPal.com directly and log in to your account.
  2. Navigate to the bottom of any page and click “Resolution Center.”
  3. Click “Report a Problem.”
  4. Select the suspicious transaction and then click “Continue.”
  5. Choose “I didn’t receive an item I purchased…” or “I want to report unauthorized activity.”
  6. Click “Continue.”
  7. Follow the provided instructions. 

By following these steps, not only are you protecting yourself, but you may also help terminate a scammer's account, preventing them from scamming someone else in the future. To help stay Cyber Safe across the web, always use extra caution when using any payment apps or digital wallets.

FAQs about PayPal scams

Still have questions? Follow along to learn the answers to common questions surrounding PayPal scams.

How do I know if a PayPal email is real?

In simple terms, a PayPal email is real if it comes from a “paypal.com” email address. But because sophisticated email scammers may be able to impersonate PayPal’s official email address, it’s crucial to look for other signs of a scam, including:        

  • Suspicious display name
  • Sense of urgency
  • Generic greeting
  • Requests for personal information
  • Suspicious links and attachments
  • Spelling and grammatical errors

Does PayPal send text messages?

Yes, PayPal does send text messages. While some PayPal text messages might be legitimate (often for 2FA  purposes), it's important to note that they could be smishing associated with a PayPal text scam. Because of this,  avoid sharing any personal information or clicking any links associated with a text message you’re unsure of.

Is PayPal safe to use?

Generally speaking, PayPal is a safe way to transfer money and shop online. But no payment platform is perfectly safe, and scams do exist — that’s why you should always use caution whenever you use PayPal.

Does PayPal protect against fraud?

PayPal monitors every transaction to help protect against fraud, identity theft, and email phishing. With that in mind, it’s still important to practice caution and use common sense when using PayPal.

Will PayPal refund me if I’m hacked or scammed?

Yes, PayPal will provide a refund if the specific incident is eligible for coverage by its Buyer Protection or Seller Protection policies.

Clare Stouffer
  • Clare Stouffer
  • Gen employee
Clare Stouffer, a Gen employee, is a writer and editor for the company’s blogs. She covers various topics in cybersecurity.

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 

Contents

    Want more?

    Follow us for all the latest news, tips and updates.