The PayPal Phishing Scam You Should Take Care to Avoid

PayPal is the widely used money exchange app that allows people to pay for goods and services, send money to family members, and get paid for gig work. Users generally receive an email when there is activity in their account.

The use of PayPal is so widespread that scammers with access to blocks of email addresses may send out thousands of emails with a high likelihood that a few people will fall into their trap. Or the scammers may have obtained hacked email addresses directly from a large shopping website that allows PayPal payments, and therefore know that the individual being targeted is a PayPal user.

Data show that small businesses were the target of more than 40 percent of phishing attempts.
PayPal says the company never asks for personal information or account information in emails.

What Is Phishing?

When scammers send fraudulent messages that seek to steal information, it’s called phishing. These emails generally have similar characteristics:

  • a sense of urgency, such as telling the recipient that their account has been hacked, or that they must verify their identity
  • links that lead the recipient to a fake page made to look official
  • a demand for passwords, PINs, or personal information that can be used in future fraud
  • official-looking email and website design that mimics the style and image of PayPal

How Do Hackers Target People for PayPal Phishing?

Scammers are able to get email addresses and other identifying information about people through data sold on the dark web, including the results of widespread hacks of businesses, banks, credit reporting agencies, and customer information kept by stores. Because PayPal has more than 360 million customers, it’s possible for scammers to send a phishing email to a wide variety of potential victims with a high likelihood that the majority have PayPal accounts.

These Phishing Emails Make Assertions That Require Immediate Attention, Such as:

  • claiming that there has been unusual account activity
  • requiring additional verification to ensure account security
  • accusing you of misusing your account and requiring immediate attention (“you are in violation of our Acceptable Use Policy” and must click on the link below to go to our dispute resolution center)
  • notifying the account holder that the account will be closed unless steps are taken immediately
  • telling you that PayPal has been hacked, so you must click on the link provided to reset your password and/or PIN

PayPal Phishing Email Examples

Always be cautious of unsolicited emails that require immediate attention. Because PayPal is connected to a bank account, people get concerned when they see an email that says their account has had unusual activity or that it’s about to be closed. They will then click on a link provided rather than thinking through the situation and going to the PayPal website to log on as they normally would.

Other phishing emails claim that you were overpaid for an item you’re selling and ask for a refund, or falsely state that you received a payment via PayPal (so you should ship the item you’re selling). Always verify that the payment was received and that you are not the victim of a PayPal scam.

How To Recognize Suspicious Emails?

Scammers are getting better at phishing emails all the time. They may send out thousands in order to trick one person, but the payoff is worthwhile. The common characteristics of potential phishing attacks include:

  • a generic greeting like “Dear user” or “Dear [email address]” – PayPal always uses the customer’s accurate name or business name
  • a call to action that prompts you to act quickly without careful consideration
  • demanding a fee to release your account from suspension (such as through the purchase of gift cards or via Western Union or MoneyGram)
  • links to click for immediate “resolution” of the issue
  • requests for account information including password or PIN
  • slight differences in the usual website domain URL, such as a misspelling
  • poor English grammar and punctuation
  • a sender address that does not have the company URL or is slightly different

If you think that the email is suspicious you may do an email lookup. Alternatively, you can use an email verification tool to quickly and easily verify the validity of email addresses, allowing you to identify any suspicious emails that may be linked to fraudulent activity.
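
Several of the characteristics listed above (sender domain, link domain, generic greeting, urgency, requests for a password or PIN) can be checked mechanically. The Python sketch below is an added example, not part of the original article and not PayPal tooling; the single trusted domain, the phrase patterns, the 0.8 similarity threshold and the sample message are assumptions made for illustration.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

BRAND = "paypal.com"  # assumption: the only domain this sketch treats as genuine
GENERIC = re.compile(r"^\s*dear\s+(user|customer|\S+@\S+)", re.I | re.M)
URGENT = re.compile(r"immediately|unusual activity|will be closed|suspended", re.I)
SECRETS = re.compile(r"\b(password|pin)\b", re.I)

def domain_verdict(host):
    """'ok' for BRAND and its subdomains, 'lookalike' for near misses, else 'other'."""
    host = host.lower().rstrip(".")
    if host == BRAND or host.endswith("." + BRAND):
        return "ok"
    name = BRAND.split(".")[0]
    near = any(SequenceMatcher(None, part, name).ratio() >= 0.8
               for part in re.split(r"[.-]", host))
    return "lookalike" if near else "other"

def indicators(raw):
    """Return the warning signs found in one raw message with a plain-text body."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    found = []
    sender_host = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    if (v := domain_verdict(sender_host)) != "ok":
        found.append(f"sender-{v}:{sender_host}")
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        host = urlparse(url).hostname or ""
        if (v := domain_verdict(host)) != "ok":
            found.append(f"link-{v}:{host}")
    for label, rx in (("generic-greeting", GENERIC), ("urgency", URGENT),
                      ("asks-for-credentials", SECRETS)):
        if rx.search(body):
            found.append(label)
    return found

# Constructed sample message, not a real email.
SAMPLE = """\
From: PayPal Security <security@paypa1-alerts.example>
Subject: Unusual account activity

Dear user,
Your account will be closed unless you confirm your password
immediately at http://paypa1.example/login
"""
print(indicators(SAMPLE))
```

An empty result does not prove a message is genuine; the safe path remains opening PayPal in a separate browser window rather than following a link.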

Where to Send the Phishing Emails?

PayPal has a process for researching fake emails and does what it can to root out fraud, but most phishing emails are sent from outside of the country, where there is little recourse. If you receive a phishing email pertaining to your PayPal account, forward it to If you’ve been a victim of a phishing attack, alert PayPal so it can monitor your account for fraudulent activity, and change your password immediately.

How to Make Sure That a PayPal Email Is Not a Scam?

As with any phishing attack, an email that is genuinely from PayPal should look official, without any errors, including in grammar and punctuation. In addition:

  • the sender’s PayPal address should be correct (recent phishing emails are from a non-PayPal account that starts with “security@”)
  • disregard the links in the email, which lead to the scammer’s fake PayPal website; instead, log into PayPal from a different browser window and check your account that way
  • the website that the email links to should have “HTTPS” in the URL to protect the privacy of your connection; HTTPS alone does not show that a site is genuine, so check the domain as well

Does PayPal Refund Hacked Money?

PayPal investigates fraud that is reported within 60 days of the event. There are specific situations for which the company refunds the money, including unauthorized transactions, counterfeit goods, missing shipments, and purchased items not as advertised. It is unclear if PayPal will refund any amount of money lost to phishing attacks if the individual accidentally gives access to their account.