How Scammers Target Your PayPal Account & How To Never Fall For It

Ads by Google

paypal scamsPayPal is one of the most important accounts you have online. Don’t get me wrong, I’m not a huge PayPal fan, but when it comes to your money, you don’t want to play around. While getting your Facebook account hijacked is a huge annoyance, it’s nothing like getting your money stolen out of your PayPal account. And the Paypal scammers know this too. That’s why PayPal is one of the most targeted accounts for phishing and scams – there’s real money to be had.

Having a strong password for your PayPal account is important, of course, but most PayPal account break-ins don’t happen because your password is not strong enough. You might be surprised to learn that many account breaches happen when users provide their login information voluntarily. Sounds crazy? This is exactly the way PayPal scammers work. While PayPal does offer security in these matters, you are very much better safe than sorry. So be informed on how scammers can target your PayPal account, and be sure you know exactly how to avoid being scammed.

Fake PayPal Emails

paypal scams


Fake PayPal emails are insanely common and surprisingly original. Every time I think I’ve heard it all, I read about a new variety of these phishing emails. And they just keep getting cleverer and more sophisticated. Fake PayPal emails can claim any of the following:

  • Your account has been limited due to an unauthorized transaction.
  • You’re entitled to a refund.
  • You’ve received a payment.
  • You’ve sent a payment.
  • You need to verify your account.
  • You need to provide information that will help protect you.
  • You need to confirm your email address.
  • You need to update your account information.

And so on and so forth. These are just the most common examples to the very persuading, worrying and tempting ways Paypal scam artists can get your attention in these fake PayPal emails. But what can these emails do to you? It’s usually one of three things:

Ads by Google

  • Persuade you to enter your login information on a fake website.
  • Persuade you to call a fake customer support number and provide your login information.
  • Trick you into opening an attachment which will install malware on your computer.

So we know these emails are common and persuading, and we know they’re pretty dangerous, so how can you still protect yourself?

Recognizing Fake Emails

1. Look at the sender’s address.

paypal scammers

When you get an email from PayPal, always check the “From” field to see who sent it. Many times, you’ll find ridiculous yet confusing things like,, etc. Sometimes it will even be “”, but looking carefully will reveal this is just the name of the sender, and the address is quite different.

In some cases, though, the Paypal scam artists are very smart, and the email does seem to come from the right email address for all intents and purposes. But don’t worry, you still have ways to find them out.

2. Look at the email’s greeting.

paypal scammers

A genuine PayPal email will always use your full name or business’ name in the opening. If you see something like “Dear PayPal Member”, “Dear PayPal Customer”, “Dear Customer”, “Hello”, “Dear member”, or anything to that effect, ignore it. This is a sure sign you’re dealing with a fake email.

Does the greeting say “Hello <your full name>”? Continue checking the next points to make sure.

3. Are there attachments?

Does the email ask you to “see the enclosed attachment for more details?” Is there anything at all attached to the email? If so, feel free to ignore it. Genuine PayPal emails never include attachments, and will always prompt you to log in to your account to see whatever you need to see.

No attachments? On to the next sign.

4. Are there links? Check them.

paypal scammers

If you look at your genuine PayPal emails you’ll find that most of them don’t contain links you need to click at all. This includes notifications of sent payments, money transfers, and others. Some emails, such as notifications about received payments or signing up for preapproved payments will include links. If you do see links, a great way to verify them is to hover over them and see where they actually lead (without clicking!). All genuine links will leads to***. If you see anything else, including the correct address in a non-secure website (http:// instead of https://), don’t click it, and ignore the email. Most scam emails will include links to fake websites, as this is a great way to steal your login information.

You can also examine the link’s text. Does it say something like “Click here to activate your account”? Or “Confirm my account”? These are most probably fake. But don’t ever rely on text alone, always check where a link leads to in order to make sure.

5. Does the email ask for personal information?

Does the email ask for any personal information such as credit or debit card numbers, bank account details, driver’s license number, email addresses, or passwords? Ignore, ignore, ignore. PayPal will never ask for any personal details in an email.

6. Grammar and spelling

paypal scam emails

This is a no-brainer, but it’s nonetheless important. Many of these Paypal scam emails are written in bad English and include grammar and spelling mistakes. Naturally, genuine PayPal emails don’t have mistakes, so this is a quick and easy way to tell them apart. Another telltale sign is the use of punctuation marks. “Attention!”, “Your PayPal Account has been limited!”, “Thank you for using your bank account!” “Cancel transaction!”, are all signs of a spoof email.

I Found A Fake Email, What Do I Do?

As I’ve said over and over again throughout this post, the best thing to do with these fake emails is ignore and delete them. If you want to help others avoid similar emails, you can forward the email as is to, and then promptly delete it. This will inform PayPal of the scam.

Fake PayPal Websites

Fake PayPal websites are an extension of fake emails, and are usually linked to within these emails. A fake PayPal website can look identical to the real PayPal, but when you try to log in, it will simply steal your username and password. Even if you’ve gone ahead and clicked a link in an email, not all is lost. Unless the website you’ve reached contains malicious scripts, you can still escape the scam.

Even if the website looks exactly like PayPal, stop for a minute and look at the address bar. Do you see this?

paypal scams

There are three things you need to look for:

  • Are you actually on a website?
  • If the address is actually, is it also https?
  • Do you see the lock symbol (doesn’t appear in IE9 or lower)?

If all three (or first two, if you’re using IE9 or lower) are present, you should be safe. However, always be sure to check these on the page you’re actually logging into. Some very sophisticated scams have been known to appear on a genuine PayPal server, and then lead you to another page where you’re asked to log in – this one a fake. So even if everything seems in order, make sure to double check before actually entering your login information.

Note: the green verification bar might not appear when you try making payments to third-party websites through PayPal. This does not  mean they’re fake. However, you should definitely look for it on any link you follow from a PayPal email.


Avoiding PayPal scams is not hard. To start with, many of these scam emails are already filtered to your spam folder. If for some reason one escapes through, following the tips lined out in this post should keep you safe from any tricks and phishing scams.

Have you encountered a sophisticated scam email from PayPal? Have you ever been tricked by one? Share your stories!

Image Credit: Softpedia

Ads by Google
From the Web

40 Comments - Write a Comment



Nice article. This is definitely something to keep around so I can forward it to someone if they need to know if an email’s fake or not (or even just as a general precaution).



Good article, and timely. I just spent the afternoon setting up a client with a commercial Paypal account, and hopefully this might slow the inevitable phone calls I’m going to be getting (once I go live with the shopping cart)!


El Geko

There is a very simple way to avoid problem.
When you receive a mail from Paypal (or else), never click no link from the mail and go, in another window, straight to your account, as you usually do.
Then, doing this, you’re not linked with the mail and if there’s a genuine problem (or info) that Paypal wanted to tell you about, it will be listed in your account anyway.
When I have a doubt, this is what I do. Never click a link from the mail, always go to the site straight from the browser.

Sanjeev Jain

Thanks for your suggestion.

Yaara Lancet

This is definitely an excellent tip. Thanks!



And not lastly – if you don’t already have one – do install a router and activate it its firewall! You might be surprised of this advice but you’ll be a whole lot more protected by a lot of dangers the are coming from outside of you Internet connection!


Damien Garcia

This article was kinda scary lol but helpful. Thanks for the heads up!

Yaara Lancet

No need to be scared, just open your eyes, use common sense, and you’ll stay safe. :)


Abba Jee

Bundle of thanks :) worth reading article :)


Alex Perkins

Thanks, gotta keep an eagle eye for these scams!


Sanjeev Jain

We just need to use our common sense to be safe on internet.


Roomy Naqvy

I have been very cautious with PayPal and have also reported few PayPal scam emails to PayPal but I am happy you wrote this article. A number of people fall for scams and this is certainly useful.


Glenn Hyde

Sometimes, I think about what’s going to happen when/if the bad guys successfully learn how to spell and use proper grammar … will inexperienced and gullible users then be able to tell them apart from the real thing just based on noticing bad spelling?


I agree. These scammers probably read all these articles to find out how to do a better job.

Yaara Lancet

Fortunately for us, no matter how hard they try they’ll never really be PayPal, so we can always know for sure at the end.

Yaara Lancet

That’s pretty funny. :) I find it surprising that most of these scam email still use bad grammar and spelling. I mean, come on, put a little effort into it!

Of course, bad grammar shouldn’t be the only thing you look for in a fake email, it’s just one thing that jumps our immediately.


The biggest shame is that our Jr. and Sr. High schoolers, all the way through college graduates, use such terrible grammar, punctuation and spelling that it’s getting harder and harder to tell who is really educated here.


Lynetta R.

I opened a bank account that I use only for Paypal and keep a very minimal amount of money in it and transfer funds to this account when making purchases through Paypal. I never leave very much in my Paypal account. They won’t get rich from hacking my account.

Yes I was hacked years ago and learned my lesson. Paypal is separate from the rest of my banking. I also can say that Paypal told me that I had been hacked before I even knew it. They really are watching out for their customers. They also refunded the money stolen.


Mac Witty

Still happy to say I have not get trapped. Got a tip early: never log in from a link in an email, always type the ulr yourself

Yaara Lancet

Yes, this is a good tip. Thanks!


Ahamed Yaseen

Needed article for everyone…


Christine St Syr Griffin

omg thank you i am so saving this article, i just opened a pay pal yesterday and find it a bit confusing, thanks ever so much, christine


Raman Bathina

A detailed article about how to protect from PayPal scammers.I have recently got a spam message in my gmail inbox named with Facebook and the message is “your Facebook profile has error please login with this page to avoid discontinuation services”,and they put an attachment with the name fb.html that is redirected to some fake page.Like this paypal messages are also arrived.



Well, the easiest way to avoid this is simply not to have a PayPal account. So far, I’ve managed to survive just fine without one. But if you do have one, clearly there is need to use some basic common sense!

Doug Foggin

I think that the article as I read it goes far beyond ‘basic common sense’, Infact the author has been quit specific about what to look for, do or not to do as it applies to the use of ones PayPal account. Thus not having a Paypal Account is not the easiest way to avoid the issue – common sense would seem to be that having a Paypal account is requisite for validating the contents of this detailed and informative article.


Philip Cohen

And the ugly reality of dealing with the clunky PayPal …


Methinks you protest too much.

I have read your strident screeds against “PrayPal” and “eBafia” on several occasions. To me it seems as if you are trying to discredit any entity that is not Visa or MasterCard.

BTW – I am sure that right this very minute there is someone on the ‘Net writing equally impassioned screeds against Visa and MasterCard

While buying and selling on eBay, I have never encountered the problems you claim are so widespread. Yes, there is favoritism on the part of eBay towards their biggest sellers but, while unfair, it is understandable. One always reserves one’s best treatment for one’s biggest and best customers.


Theodore Hammond

Common sense is your best protection from being scammed by anyone.




There are three things you need to look for:
?Are you actually on a website?
?If the address is actually, is it also https?
?Do you see the lock symbol (doesn’t appear in IE)?



Tina Sieber


I cannot answer for Yaara, but in regards to your extensive use of CAPITALS, I would like to draw your attention to something called netiquette.

Joseph Villa

Thanks for the Information and commenting on this article is another learning experience for me.

Netiquette is really something new to me and flaming through the use of uppercase letters was never my intention, I actually always do that because it helps me read articles better.

BTW, I still believe that this article needs some revision and thorough research must be done before writing one.

Yaara Lancet

Hi Joseph,

Thanks for the input, I really appreciate it! You’re right, I should have mentioned in the article that I’m referring to IE9 and downwards. Since I’m on Windows 7 I didn’t bother to upgrade to IE10, as it’s only a preview version, if I understand correctly.

It’s good to know that Microsoft finally added the verification feature in IE10, but the fact is that most users still don’t use it, so what I said is still relevant. I will add a noted saying that the feature does exist in IE10, though. Thanks!


rakingmuck (@rakingmuck)

I am dealing with a nightmare! A company posing as a trusted Twitter vendor hacked my Pay Pal Account ( for 13 months. Because the amounts were small I did not notice. vicconsult claims to provide an auto tweet service, which by the way, I would never use. Now this guy is threatening and harassing me and Twitter is doing nothing.

Yaara Lancet

Twitter is not going to do anything about it, I don’t believe. Did you try getting help from PayPal? If you can show them your account was hacked and this is happening without your consent, they might agree to help.






If you don’t have a pay pal account………..



Oh those dirty Romanians and Nigerians are still on the prowl asking so nicely for your Pay Pal account.



Just had an email telling me I’m near my limit and need to verify my details. Be alert people. the scammers are still out there.






I have been asked to set up an account by a potential buyer they asked for my paypal email, full name, firm price, zip code and cell number. Is this information that the purchase would need?

Your comment