How to spot and avoid PayPal scams

Is PayPal safe?

PayPal is safe to use for paying, receiving money and online shopping, thanks to its end-to-end encryption and good reputation as a secure payment service. It also provides Seller and Buyer Protection that reduce the risk of not receiving your money or the products you paid for.

Paying with PayPal is also safe because the seller receives no financial details, such as your credit card or bank account number. So, instead of giving your details to every shop you buy from, you limit the number of places where criminals could potentially steal them to just one.

However, with more than 400 million users worldwide, PayPal’s popularity has also attracted fraudsters and online scammers looking for victims. Even if using PayPal is secure, many scams are done in its name that exploit the brand’s reputation and massive user base.

Common threats on PayPal

To get their hands on your money and personal or financial information, PayPal scammers rely on many common methods used also on other online services. Look out for these PayPal scams.

PayPal phishing scams

PayPal is far from the only online service involved in phishing scams. Many consumers who do not even own a PayPal account might have received an email warning that their account is at risk, or there has been some suspicious activity or transactions.

These phishing emails are usually, but not always, easy to spot: just look for typos, poor grammar and unusual sender information. If you receive a suspicious email from PayPal, do not click any links it might contain. These will direct you to a fake website controlled by scammers trying to steal your private information, including the password to your PayPal account.

Link to a fake website

A fake PayPal site can be difficult to identify when done with attention to detail. The site may look like the real PayPal login page, but in reality, it is used to steal your password. Stay away from scam websites that look like the real PayPal site but have a different URL than www.paypal.com or contain incorrect and out-of-date information or poorly written text. You can check the safety of a shopping website with F‑Secure’s Online Shopping Checker.

PayPal overpayment scams

A so-called overpayment scam involves the buyer paying more than they should have to the seller’s PayPal account. After the accidental overpayment, the buyer asks for a refund of the difference. The overpayment may be done to cover the shipping fees or give a generous bonus to the seller. In reality, the seller should be alert at this point and never wire the extra payment.

If the overpayment is refunded to the buyer, they can cancel the original payment and leave the seller short of the amount they had sent. If they are unlucky, the seller may have already shipped the product, losing the sold goods as well. You do not need to worry about the overpayment scam if you are using PayPal just for online shopping. However, be wary of this scam when selling to other people who use PayPal to pay.

Advance fee scam

The advance fee scam is much like the infamous Nigerian prince scam. In both scams someone asks for a small advance payment so that they can send you an even greater amount in return. After you have sent the other person — who definitely uses a fake identity — your money, you are unlikely to hear back from them.

PayPal scammers are good at coming up with reasons for the advance fee. It can be anything from covering the shipping of a product or an unimaginable amount of money you have inherited. Do not send any advance fees to avoid getting scammed this way. There are not too many valid reasons for doing this, and the risk of getting scammed is high.

How to report a PayPal scam?

Whether you fall for a scam on PayPal or not, reporting fake websites, phishing messages, and other forms of fraud helps PayPal make its service safer. And it is not just PayPal scams that you should report. All services where money and people’s personal information are at stake can be targets of scam attempts and other forms of cyber crime.

PayPal instructs users to report any fishy email messages by forwarding them to phishing@paypal.com, so they can check whether the email is a scam or not. Delete the suspicious mail after sending it to PayPal for inspection.

Protect your PayPal account and pay safely

Keeping your money safe on the internet requires comprehensive protection, especially if you are using an unfamiliar online store or doing your shopping on public Wi‑Fi. There is also a lot you can do yourself to avoid falling for PayPal scams and use the internet safely.

• Handle your money with care. When dealing with online payments and shopping online, think twice about whom you want to trust your money and financial details with. Do not pay sketchy invoices or give your credit card number to unverified sellers.
• Do not share personal information. A PayPal phishing scam can compromise your personal information, which can be used for identity theft.
• Use strong passwords. All your accounts should be equipped with a strong and unique password that is hard to guess and is not used anywhere else. Generate new passwords and store them with a password manager.
• Activate two-factor authentication. Scammers can steal your password but will have a harder time accessing your PayPal account if you have two-factor authentication enabled.
• Browse with a VPN connection. Many PayPal users do their shopping or access their account on public Wi‑Fi that may lack the necessary encryption or is set up to snoop on your information. Turn on a VPN and do your online shopping and browsing privately with a secure connection.
• Use an antivirus. In addition to stealing your money and information, scammers can spread malicious software with phishing scams disguised as PayPal emails. F‑Secure’s advanced antivirus stops malware infections and identifies harmful websites.