Protect against hacking

Install Norton 360 with LifeLock Select to make your digital life more secure and help protect against scams, hacking, and other threats. 

Protect against hacking

Install Norton 360 with LifeLock Select to help protect against scams, hacking, and other threats. 

Protect against hacking

Install Norton 360 with LifeLock Select to help protect against scams, hacking, and other threats. 

15 PayPal scams to know and avoid in 2024

A woman checks the PayPal app.

Chances are you’ll encounter a PayPal scam at some point if you use the payment platform regularly. You might even fall for it if you don’t know what to look for. In this article, we’ll tell you how to identify giveaway scams, romance scams, and more. You’ll also learn how to use tools like Norton™ 360 with LifeLock™ Select to help block hackers and protect against identity theft.

Imagine you’re scrolling through your inbox, and you see an email warning that says your PayPal account has been compromised. Your heart starts to race since all your debit and credit cards are linked to the account. You quickly read on and find that all you have to do to secure your account is click the link in the email, log in, and reset your password. 

Seems easy enough, right?

Unfortunately, this email may be the actual threat. What’s worse? It’s just one ploy PayPal scammers use to take advantage of the payment platform’s users. Here are some other scams you might see on PayPal: 

  • Tech support scam
  • Verification scam
  • Invoice scam
  • Debt collection scam
  • Shipping scam
  • Phishing scam
  • Government scam
  • Contest or giveaway scam
  • Alternate payment scam
  • Employment scam
  • Romance scam
  • Charity scam
  • Cryptocurrency scam
  • Advance fee scam
  • Overpayment scam

How do PayPal scams work?

PayPal scams usually use one of two tactics: social engineering or phishing. With both, scammers trick users into willingly sending their money or financial information. Here’s how these strategies usually play out:

  • Phishing: Scammers use phishing links that direct them to spoofed websites in messages that appear to be from PayPal. From there, the target can “log in” and make a payment—unknowingly routing their hard-earned cash to the scammer.
  • Social engineering: Scammers employ social engineering in a PayPal scam to persuade their target into disclosing sensitive information or authorizing payments they usually wouldn’t. These social engineering tactics might include creating a sense of urgency, instilling fear, or impersonating someone trustworthy.

Signs of a PayPal scammer

PayPal scams can fall into several different categories, but they all tend to share some of the same traits. We’ll break those traits down below.

A graphic highlights the common warning signs of PayPal scams.

That being said, the person you’re talking to (or sending money to) might be a scammer if they:

  • Use the wrong email address: Someone who actually works at PayPal will have an email address ending in “@paypal.com.” Spammy iterations like “paypalhelp8734yh@gmail.com” should set off alarm bells.
  • Create a sense of urgency: PayPal scammers may adopt an urgent tone in hopes that you will rush into action and make a mistake.
  • Use generic greetings: PayPal scam messages often include generic greetings such as “Dear Customer” or “Dear PayPal user” instead of calling you by name.
  • Send suspicious links: Always closely look at links before clicking—even if they look realistic. You can do this by hovering your mouse over the link or copying and pasting the link address into a text document.
  • Request personal information: PayPal will never ask for sensitive financial or identifying information like your credit card number or password.
  • Make spelling and grammar errors: PayPal scam messages are often poorly written with spelling and grammar errors. Slow down and read emails to catch small mistakes and giveaways.

Additional signs could be that they:

  • Make unrealistic promises: Unrealistic promises, opportunities, and guarantees are all signs of PayPal scams.
  • Play on your emotions: Scammers often use psychology to exploit people’s feelings and emotionally manipulate their victims.
  • Request money before completion: Requesting money before a service is complete is a major red flag—legitimate sellers will deliver the promised goods or services before asking you to make a payment.
  • Use spoofed emails and websites: Spoofed emails or websites typically have subtle variations in domain names or email addresses. Check the spelling of these elements to catch phony websites.

In a nutshell, you should always keep an eye out for suspicious emails, websites, and requests, since scammers are constantly innovating. This will help protect you from online payment scams as they evolve. With the knowledge to identify PayPal scams and their warning signs, you can confidently use the platform to buy and sell.

15 of the latest PayPal scams to be aware of

Whether you use the PayPal app to pay friends or to buy or sell items, there are some scams you should be aware of before using the money management platform. Here’s a round-up of the PayPal scams you need to know about in 2024:

1. PayPal tech support or customer service scam

Customer service and tech support scammers sometimes pretend to be PayPal employees to lull users into a false sense of security. Because they appear to be an authority, users are more likely to grant the cybercriminals remote device access or approve a transaction. Remember that real support teams will only offer to help if you ask them to, and they will never ask you to pay to fix an issue.

Example of a PayPal customer service scam message.

 

  • Red flags: Requests to access your account or device, unsolicited offers of help, payment requests, pressure tactics, and generic greetings.
  • How to prevent it: Only communicate with customer service through the official app or website.

2. PayPal verification scam

Fake verification scams mostly use phishing emails. In a fake verification scam, you’ll receive an email that looks like it’s from PayPal. It will include a link where they say you can reset your password. Because a PayPal scam email isn’t actually from PayPal, following the link will likely lead you to an unsafe website that will steal your personal information and allow hackers to take over your account.

Example of a PayPal account verification scam message.

 

  • Red flags: Generic greetings, unsolicited emails or messages requesting immediate attention, links leading to unofficial websites, and requests for sensitive information like passwords or financial details.
  • How to prevent it: Visit the PayPal website or app to verify your information securely instead of clicking on a link in an email.

3. PayPal invoice scam

In PayPal invoice scams, cybercriminals create realistic invoices to trick users into paying for products or services they didn’t want or receive. If the scammer is particularly clever, the invoice might even appear to be from a store you previously shopped at. Depending on the scammer, you might receive this fake invoice via text or email; most times, it will include a link directing you to a spoofed website.

Example of a PayPal invoice scam message.

 

  • Red flags: Invoices for unfamiliar purchases, communications from suspicious email addresses, lack of details about supposed purchases, and spammy or misspelled links.
  • How to prevent it: Review invoices on the PayPal app or website, check your order history if you don’t remember buying anything, and contact the seller if anything is off.

4. PayPal debt collection scam

In PayPal debt collection scams, cybercriminals trick people into paying money they don’t owe by threatening them with legal action and other serious consequences. The hope is that the user will be so scared that they will make a payment without asking questions.

Example of a PayPal debt collection scam message.

 

  • Red flags: Unexpected contact, pressure tactics, refusal to verify debt, and requests for unusual types of payments.
  • How to prevent it: Ask anyone claiming to be a debt collector to provide proof of your debt before you make a payment, and don’t give out your personal information.

5. PayPal shipping scam

In this type of PayPal scam, the cybercriminal will intentionally provide an invalid delivery address when purchasing your product. Then, the scammer will directly contact the delivery company and update their address. Once the scammer receives the package, they'll tell PayPal they never got it and request a refund.

Example of a PayPal package shipping scam.

 

  • Red flags: Odd shipping charges, new address changes, phony customs declarations, requests for personal information, and suspicious delivery confirmation links.
  • How to prevent it: Only ship the package to the address listed on the Transaction Details page and ask buyers to confirm their shipping address.

6. PayPal phishing scams

In PayPal phishing scams, the cybercriminal sends unsolicited emails or text messages pretending to be a part of PayPal’s support team. These PayPal spam messages claim to be fraud or suspicious activity alerts, but they’re actually infected with malicious links.

Example of a PayPal phishing scam message.

 

  • Red flags: Urgent language, password change requests, and misspelled URLs.
  • How to prevent it: Instead of clicking a link in an email or text message, visit PayPal’s website directly to check on your account.

7. PayPal government scam

Some scammers impersonate government officials to scare and defraud their targets. As part of a government scam, the cybercriminal might claim the target owes taxes, fines, or fees. To top it off, they generally tell the user that they have to make a large PayPal payment immediately. If they refuse, the scammer threatens to arrest or sue them until they do.

Example of a PayPal government scam message.

 

  • Red flags: Bizarre requests for immediate PayPal payments, lawsuit threats, and suspicious links.
  • How to prevent it: Verify that the message you received is real by contacting the office that supposedly sent it.

8. PayPal contest or giveaway scam

PayPal contest and giveaway scams happen when scammers lie and tell people they won a prize. Once they convince the person that there’s a prize waiting for them, they prey on the person’s excitement to trick them into sharing personal information or even sending money on PayPal to cover made-up expenses like taxes or administrative fees.

Example of a PayPal giveaway scam message.

 

  • Red flags: Suspicious links and requests for payment, or claims that you won a contest you didn’t enter.
  • How to prevent it: Avoid PayPal contests and giveaway scams by thoroughly reading contest rules and confirming that you won on the official website.

9. PayPal alternate payment scam

A stranger might ask you to use PayPal’s Friends and Family option since this eliminates costly fees. The catch is that this payment option doesn’t allow you to pay for goods, so you’ll be left defenseless if the person scams you.

Example of a PayPal alternate payment scam message.

 

  • Red flags: Requests to remove PayPal’s buyer or seller protections.
  • How to prevent it: Avoid using PayPal’s Friends and Family option when exchanging money with strangers.

10. PayPal employment scam

A PayPal employment scam involves a scammer posing as an employer or recruiter and making fraudulent job offers. These scammers may seek to get personal information or money. In many cases, the fraudster will claim that you must pay for onboarding and other job-related expenses to get the job.

Example of a PayPal employment scam message.

 

  • Red flags: Nonspecific and unexpected job offers, too-good-to-be-true opportunities, and overly intrusive requests for personal information.
  • How to prevent it: Read online reviews about the company to determine if they’ve scammed others, and never pay upfront costs.

11. PayPal romance scam

A PayPal romance scam happens when a cybercriminal forms a fake online relationship with their target. Over time, they gain the person’s trust and exploit their emotions for financial gain. To convince the person to send the money, the scammer might make up fake emergencies and create a sense of urgency so the target will quickly send funds through PayPal.

Example of a PayPal romance scam message.

 

  • Red flags: Fast proclamations of love and inappropriate requests for financial assistance.
  • How to prevent it: Verify the person’s identity by looking them up online, reverse search any images you have of them, and ask them to video call you.

12. PayPal charity scam

In a charity scam, cybercriminals ask people for donations and request that they send the payment through PayPal. They’ll make broad claims about the good the donation will do and might even pretend to take up a specific cause. These scams often use emotional narratives to manipulate people into sending money. Then, the scammer steals the funds for themselves.

Example of a PayPal charity scam message.

 

  • Red flags: Donation requests from strangers, suspicious donation links, and a refusal to share specifics about how they will use your money.
  • How to prevent it: Research charitable organizations before agreeing to donate to make sure your money is going to the right place.

13. PayPal cryptocurrency scam

In a PayPal cryptocurrency scam, cybercriminals pose as sellers or traders. They reel in their targets by making grand promises, money-back guarantees, and more. Then, once the hopeful investor pays for the crypto via PayPal, the scammer takes the money and disappears without delivering the promised digital assets.

Example of a PayPal cryptocurrency scam.

 

  • Red flags: Unsolicited investment opportunities and guarantees of unrealistically high returns without details.
  • How to prevent it: Do your research to determine if an investment opportunity is real before buying it.

14. Advance fee scam

Another way that scammers trick PayPal users is with advance payment scams. In an advance payment scam, the cybercriminal will come up with a reason for why you need to send the money before they deliver the promised product or service. They might claim that it’s a deposit or that they’ll use it for shipping, but in the end, they don’t deliver at all, or you receive low-quality goods.

Example of a PayPal advance fee scam.

 

  • Red flags: Demands for payment before delivering what they promised or trying to sell you something without giving details.
  • How to prevent it: Avoid giving personal information or distributing funds to an unverified PayPal account.

15. Overpayment scam

In a PayPal overpayment scam, the cybercriminal purposely overpays you for a product and asks you to refund the difference, often to a different account or outside source. Once you refund the money, the scammer cancels their original payment (or the bank may take it back if the funds were originally stolen)—leaving you with less than you started with.

Example of a PayPal overpayment scam.

 

Red flags: Buyer sends more money than you asked for and requests a refund for the amount they overpaid.

How to prevent it: Instead of refunding the buyer, ask them to return the product and cancel the transaction to ensure your safety.

How to avoid PayPal scams

You can avoid falling prey to PayPal scams by taking a proactive approach to online security and financial safety—here’s how:

  • Visit secure sites: If the URL looks off, it may be a spoofed website designed to look like the real PayPal site. Type the URL yourself so the scammer can’t reroute you to an unsafe website.
  • Don’t say too much: Keep your personal information, like your password, bank account information, and verification codes private to stop unauthorized users from accessing your account.
  • Report suspicious emails: Contact PayPal customer support if you receive a suspicious email.
  • Use spam filters: Email spam filters can help you avoid PayPal scams by automatically identifying and filtering out messages likely to be phishing attempts.
  • Enable two-factor authentication: Two-factor authentication helps protect against PayPal scams by making it harder for scammers to take over your account even if they do get ahold of your login information.
  • Avoid unverified users:  To stay clear of cybercriminals, only interact with verified buyers and sellers who have proven trustworthy.
  • Use antivirus software: Use antivirus software like Norton 360 with LifeLock Select to detect PayPal scams and block malware that scammers can use to steal your information.

Protect your digital life

Now you know some effective ways to safeguard your money when you use mobile payment apps like PayPal. Still, you can never be too safe when protecting your funds or identity online. Err on the safe side and try out a cybersecurity tool like Norton 360 with LifeLock Select that can help block hackers from infiltrating your device, keep them from taking over your PayPal account, and alert you to identity theft threats.

FAQs about PayPal

Still have questions about PayPal scams and how you can use the payment platform safely? Read on to learn more.

Is PayPal safe?

Many consider PayPal one of the most secure mobile payment platforms. The company encrypts all transactions, monitors suspicious activities, and offers advanced security measures like:

  • Fraudulent charge detection
  • Email payment confirmations
  • Safe sensitive data storage

What does PayPal do to protect users?

PayPal offers buyer and seller protection. Unfortunately they don’t insure every transaction, but they do:

  • Give full refunds if items arrive late or the product description is inaccurate.
  • Protect sellers from unfair chargebacks and reversals.

What should I do if I fall for a PayPal scam?

If you fall victim to a PayPal scam, follow these steps:

  1. Immediately report the incident to PayPal's Resolution Center.
  2. Change your PayPal password.
  3. Contact your bank if necessary and monitor your accounts for any unauthorized activities.
  4. Consider reporting PayPal scams to relevant authorities (e.g., local law enforcement or the Federal Trade Commission).

How can I tell if a PayPal email is real?

PayPal email scams are more likely to be legitimate if the sender:

  • Has an official PayPal email address.
  • Doesn’t ask for inappropriate details like your login information or verification codes.
  • Includes links that appear to be official when you hover over them to check the URL.

If you’re still not sure, you can also log into your PayPal account and check your notifications for official updates.

Does PayPal send text messages?

Yes, PayPal may send text messages for security alerts or two-factor authentication codes. However, they will never ask for sensitive information like passwords over text. You should also know that official messages will come from a short code number like 729725 (PAYPAL) or 72975 (PAYPL). 

Luis Corrons
  • Luis Corrons
Luis Corrons is a Security Evangelist for Gen (Avast, AVG, Avira, Norton) & leads boards at AMTSO & MUTE. He is a prominent speaker at industry events.

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 

Contents

    Want more?

    Follow us for all the latest news, tips and updates.