How To Spot and Avoid a PayPal Scam

Although the convenience of PayPal helps you send and receive money easier, there are also cybersecurity risks involved with any online service. It is important to look out for scams when you use PayPal so your money and personal information are protected. 

While PayPal also has many policies in place to help protect you as well, it's best to avoid scams before they happen. We'll help you recognize some of the most common PayPal scams, plus learn how to protect yourself from identity theft and fraud with the best identity theft protection.

Is PayPal safe to use?

Overall, PayPal is very safe, and the company has many programs in place to help you stay safe online and remedy any issues that may arise. Here are a few protection programs that help buyers and sellers on PayPal.

PayPal monitors activity 24/7 to protect both buyers and sellers. Through its PayPal Purchase Protection, the company protects buyers if they receive a product that doesn’t meet expectations or does not receive any product at all. The protection covers any purchase made through the PayPal site or made using PayPal. On the PayPal site, you can review its buyer protections.

For sellers, PayPal also offers protection. The company covers goods that are shipped from within the U.S. PayPal also protects intangible goods that meet certain requirements. These protections help sellers when a buyer files a dispute after a transaction.

13 most common PayPal scams

The most common scams on PayPal are similar to other online scams. You’ll want to watch out for phishing scams, suspicious links, and other fraudulent activity to help keep yourself safe. Here are 13 common PayPal scams to look for.

1. Phishing scams

One of the most popular cybercrimes is phishing scams. These scams use email to get you to disclose your personal information. PayPal scammers can then use that information to gain access to your other accounts.

Here are some ways to identify a phishing scam:

1. Generic greetings: PayPal will always use the full account name when sending you any communication. Be wary of anything that begins with “Dear Sir or Madam” or other generic greetings.
2. Unknown sender: Just because the email says it is from PayPal, it may not be. With your mouse, hover over the “From” address to confirm it is from PayPal. It shouldn't be trusted if it is not an official PayPal email address.
3. Attachments: Many scammers use attachments with the hopes that you’ll unsuspectingly download them. These attachments can have malware that penetrates your device and give scammers access to information.

There are many more red flags when it comes to PayPal phishing scams. Also look for simple typos, weird formatting issues, and other things that may seem less professional than PayPal. You can find more tips on avoiding phishing email scams from the Federal Trade Commission.

2. Fake emails

Much like a phishing scam, scammers use fake emails to access your information. These fake emails will look like they came directly from PayPal and may ask you to click a link to log in to your account or confirm information. If you receive an email from PayPal that seems suspicious, check the email from which it was sent and look at the URL of any links before clicking on them.

3. Smishing scams

Similar to phishing, smishing uses text messaging to try and gain personal information. You may receive a text message from someone pretending to be PayPal. They may ask you to reply with information or have you click a link to confirm something on your account. In many cases, these may be text messages alerting you to suspected fraud and asking you to confirm the action on your account.

4. Shipping address scams

When making a purchase, scammers will put in an invalid delivery address. Once payment clears and the delivery has been attempted several times, the shipping company will flag it as undeliverable. The scammer will contact the shipping company directly and change the delivery address.

After receiving the shipment, the scammer will file a complaint with PayPal. The seller will not have any proof of delivery because the PayPal order will still list the invalid address.

To mitigate this risk, always check that a shipping address is valid on the transaction details before shipment.

5. Unsolicited payment or transfer requests

Like many other common scams, it is important to be cautious around unexpected transactions or payments. A common scam involves scammers sending unrequested money to an account. Later, the scammer may request a refund from the seller and a chargeback from the credit card.

You should refund the payment immediately through PayPal if you receive unexpected payments.

6. Fake PayPal accounts

Scammers are always looking for another way to gain your trust, and creating fake accounts is another way. You’ve probably seen this often on social media, and PayPal is another site where fake accounts are prevalent. Before sending money, always confirm the person or business’s username for PayPal.

7. Two-factor authentication scams

Two-factor authentication (2FA) scams are becoming more and more common. As people start adding 2FA to their accounts, scammers look for other ways to infiltrate accounts.

In this scam, you may receive a text message with a code claiming to be for your PayPal account with a link. You click on the link, and it takes you to a PayPal lookalike account where you input the code. This allows scammers to gain access to your account, even though you have 2FA.

8. Hacked PayPal accounts

Although many scams involve fake accounts, sometimes a hacked account can be the problem. Scammers may be able to infiltrate a legitimate PayPal account and request money from the friends and family of the account. If you receive an odd request from someone you know, it is always a good idea to confirm they sent the request.

9. Fake promotional offers

You may receive emails about promotional offers through PayPal. These emails may offer you a discount, gift card, or another incentive for using PayPal. Although the email looks legitimate and from PayPal, the links in the email will take you to a fake PayPal website, where hackers can capture your login information.

10. Overpayment scams

You’re selling a product for $99, and someone sends you $150 through PayPal. They then ask if you’ll wire them the $51 difference back to their payment method. The purchaser may say that it was an accident, or they’re providing additional money for shipping and handling.

They could have made the purchase with a stolen credit card or hacked into someone’s account to make the purchase. If you send them the $51 and the actual cardholder disputes the charge, you’ll be out $150.

It is likely a scam if someone you don’t know asks you to wire them money. If this happens, you should cancel their order to avoid any issues.

11. Fake tracking numbers

You may also be the victim of a scam that involves fake tracking numbers or tracking numbers for items that are incorrect or have less value than what you purchased. These scams may be difficult to spot, so make sure you’re being diligent when purchasing online.

If the seller seems suspicious or out of the ordinary, it may be a scam you want to avoid before expecting a shipment. If you think you may be a victim of this scam, check the tracking number as soon as you receive it. If it does not work or seems fake, contact PayPal to report it.

12. PayPal “Friends and Family” group scams

PayPal doesn’t charge fees if you send money to your friends or family. In this case, a scammer may pressure you into sending a money transfer via the friends or family route instead of doing the transaction as a sale. The seller may do this because the friends or family option does not offer protections for the buyer through PayPal. Once you send money to a friend or family member, getting that money back is much more challenging.

13. Fake charities

Another common scam involves people acting as a charity or creating a fake charity to dupe you out of money. These scammers may create a fake email address to look like the charity or just pledge to pass that money along to the charity in your honor.

In either case, you should research any charity you plan to donate to and ensure that you send that donation through appropriate channels. You can investigate charities with Charity Navigator.

How to spot a PayPal scam

It is crucial to stay vigilant with your identity and personal information online. There are many ways to spot a scam, and here are a few things to look for:

• Typos and incorrect grammar
• Suspicious links
• Generic greeting
• Unknown sender
• Sense of urgency

If you notice any or all of these red flags, proceed with caution and make sure you are not compromising any of your personally identifiable information, such as your phone number or bank account information.

Tips to stay safe when using PayPal

To mitigate any scams on your PayPal account, you should make sure you’re working to keep your account safe. Here are some simple ways to protect yourself when using PayPal:

• Turn on 2FA for an additional step in the login process after the PayPal user inputs their password.
• Use complex passwords to keep your accounts safe.
• Use a password manager to track your unique passwords. We recommend trying out a free plan for NordPass to see if you like it.
• Check the email address of email senders.
• Report any scams to PayPal at spoof@paypal.com.

How to mitigate PayPal scam damage

Even if you know all the signs of a scam, it is still possible that a fraudster could infiltrate your account or find a way to steal your money. If that does happen, PayPal makes it easy to file a dispute, cancel a payment, or use a chargeback. Here are some ways to mitigate the damage if you’ve been scammed.

Cancel a pending payment

To cancel a pending PayPal payment:

1. Log in to your account and find the Activity page.
2. Navigate to My Money.
3. Select Find and Cancel Payments.
4. From here, you can cancel any pending payments.

If you’re unable to cancel a payment, you can file a dispute.

File a dispute

Need to file a dispute to PayPal for payment? Follow these steps.

1. Log in to your PayPal account.
2. Go to the Dispute Center.
3. Select Report a Problem.
4. Find the payment you’d like to dispute.
5. Follow any onscreen prompts about the dispute.

Use chargeback

A chargeback goes outside of PayPal and asks your credit card company to issue a refund because you didn’t receive the product or service for which you paid. For a buyer, you can follow your credit card’s dispute policy to reverse the charge. This is a simple task for all major cards that you can do through their app or website.

If you’re a seller and receive a chargeback from a customer you deem invalid or inappropriate, you can dispute this directly with PayPal. If you need to dispute a chargeback, you can do so in the Resolution Center. PayPal says it takes 30 days to dispute a chargeback and up to 75 days to resolve the issue.

From the Resolution Center, follow these steps:

1. Next to the case that needs resolution, select Respond under the Action button.
2. Read the details of the complaint and select Resolve Chargeback Now.
3. Choose the best option to justify your dispute (tracking information, proof of a refund, or accept the liability).
4. Provide evidence for the dispute.
5. Click continue and follow the instructions.

Sign up for identity theft protection

Along with helping you recover from fraud and scams, most identity theft protection services include bank account monitoring to help you spot fraud more quickly. Some also include dark web and social media monitoring to check for your personal data. After hours of testing, these are the identity theft protection services we recommend most:

• Norton LifeLock: LifeLock's plans provide up to $3 million in identity theft insurance — the most we've ever seen. Along with monitoring your bank accounts, LifeLock monitors your phone number to ensure only you have access to your personal accounts. 
  
  See LifeLock Plans | Read Our LifeLock Review
• Aura: If the internet is your second home, Aura can help protect you in both the physical and digital world. It uses AI to block spam calls and text, checks your devices for malware, and is on the lookout for Social Security number and online account theft.
  
  See Aura Plans | Read Our Aura Review
• Identity Guard: We always recommend checking your credit report regularly, and Identity Guard can help you do that. You'll also get alerts if anyone withdraws a certain amount from your bank account — you set the amount that triggers the alert. 
  
  See Identity Guard Plans | Read Our Identity Guard Review

4.9

AllAboutCookies writers and editors score products based on a number of objective features as well as our expert editorial assessment. Our partners do not influence how we rate products.

Editorial Rating

Learn More

On LifeLock's website

LifeLock

Up to 52% off first year when paid annually

• Top-rated identity theft protection service
• Provides up to $3 million in coverage
• Multiple monitoring features including dark web, home title, and social media monitoring
• Customer support experience is lacking

PayPal scam FAQs

Bottom line

Whether you’re using PayPal or any other online service, it is important to be vigilant in protecting your PII. If you receive any communication from PayPal that seems suspicious or fraudulent, you should proceed with caution. Common signs of a scam include poor grammar, generic greetings, an unnecessary sense of urgency, and suspicious email addresses or URLs. If you are the victim of a scam, you should change your password immediately and report the scam to PayPal.

Outside of the PayPal platform, you should be diligent in protecting your PII when browsing online. To do so, be cautious of websites, URLs, or links that seem suspicious, and do not enter any of your personal information into a website that seems out of the ordinary.

It is also good practice to use difficult, and unique, passwords for all of your accounts. You can use a password manager to help you manage all of these. If you think your information has been compromised, you should change your passwords immediately and notify PayPal or any other company of the concern. We also recommend investing in a high-quality identity theft protection service that helps you monitor for fraud and recover if cybercriminals make off with your hard-earned money.

4.9

AllAboutCookies writers and editors score products based on a number of objective features as well as our expert editorial assessment. Our partners do not influence how we rate products.

Editorial Rating

Learn More

On Aura Identity Theft's website

Aura Identity Theft

Up to 68% off Family Annual Plans

• Excellent identity theft protection service
• Includes a password manager and VPN
• Robust tools for children’s security
• Provides VantageScore and not FICO score updates

Author Details

Andrew Adams

About the Author

Andrew Strom Adams is a freelance writer focused on online privacy and digital security. He writes on various topics to help individuals protect themselves on the internet. Andrew has worked in legal marketing, technology, and startups. He has more than 12 years of experience in marketing and communications. He holds an M.B.A. from Westminster College and a B.A. in journalism from Oklahoma Baptist University. When he’s not writing, he’s playing with his two kids or watching reality TV.