Cybersecurity expert Theodor Porutiu from VPNOverview.com outlines the most common PayPal scams of 2023 and how to avoid them:
1. The “problem with your account” scam
Email is a scammer’s preferred method of stealing your money. You may receive a phishing email claiming an issue with your PayPal account, and the email will also include a link and a request that you click on it to log into your account. These scams are some of the most common social engineering attacks designed to gain access to your PayPal account.
2. The “promotional offer” or “you have money waiting” scam
With this scam, you receive an email offering a cash rebate or other financial incentive. The email will tell you that you must log in to your PayPal account to verify a few details to claim that reward.
Like other email scams, the link in the email directs you to a fake PayPal website. If you click on the link and enter your login credentials, the scammers get access to your credentials and can drain your account.
3. The “advance payment” scam
This scam plays on emotion, sending you an email notification that you’ve won, inherited, or are entitled in some other way to receive a considerable sum of money from an unexpected source.
The only catch is that you first must send a small sum via PayPal to cover transaction fees (or some other fake expense), but once you send the small sum, you never hear from the scammer again, and you are out the money you sent.
4. The “shipping address” scam
Scammers have a ton of shipping tricks up their sleeve to try and steal your money from PayPal. Unlike unsolicited emails that lead you to a fake PayPal site, these scam methods involve actually engaging with you on the real PayPal platform.
If you sell items online, then you’re the target audience for these scams. Several types of common PayPal scams involve shipping addresses including:
- The buyer wants to use a preferred shipping method: The buyer will ask you to ship their item using their preferred shipping company, easily reroute the package to a different address, then contact PayPal and file a claim for non-receipt and ask for a full refund. Since you cannot prove the item wasn’t received, you’re out the money, the item, and even the shipping fees.
- The buyer provides their own shipping label: The buyer will offer to send you a pre-paid shipping label, reroute the package to a different delivery address and claim they never received the item.
- The buyer gives a fake shipping address: When the shipping company cannot deliver the package to the invalid delivery address provided, the scammer will then step in and provide a new, legitimate delivery address, but since the package gets rerouted, the buyer will allege they never received the item.
5. The “alternate payment method” scam
This is not a scam in and of itself, but rather a measure that scammers take to leave you without options after defrauding you.
Sometimes, a scammer will ask you to transfer money using PayPal’s Friends and Family option. Although this may sound good because it eliminates the fee that PayPal levies on standard sale transactions, paying for goods is not permitted under the Friends and Family money transfer option. Any payments made like this are no longer protected by the PayPal protection program, and once you transfer money this way for goods, you have no recourse against fraud claims.
6. The “payment pending” scam
A buyer will engage with you on PayPal to pay for an item you sell. They message you, claiming to have made the payment, but that PayPal won’t release the money to you until you provide a shipment tracking number.
The scammer wants you to ship the product and provide the tracking number before you get paid and if you do, the fraudulent buyer gets the item and disappears without paying.
7. The “fake charities” scam
In case of natural disasters, for example, many people search for local charities where they can donate to relief efforts. Scammers often use this to their advantage, set up fake charities or donation sites and ask you for contributions via PayPal to fake charities.
8. The “callback phishing email” scam
In this scam, you get an email warning you of “suspicious activity” in your PayPal account, usually with large transactions involved. The email will urge you to call a number to cancel the transaction. This number then directs you to a scam call center that will try to get your PayPal login details and other personal information. This scam can be quite convincing for multiple reasons: The scammers used @paypal.com email addresses, realistic email designs, and even created fake invoices to create a sense of urgency.
Top tips on how to avoid PayPal scams
There are several actions you should take to avoid getting scammed:
- Never send money outside PayPal if you transacted on the website. For instance, if you conduct a transaction on PayPal but your customer accidentally sends a larger amount than agreed upon. This other person now wants a refund sent through a different platform, but if you comply with their request, PayPal will not be able to help you since the refund was processed outside of their system. If a buyer overpays you, cancel the transaction immediately and start over.
- Always use your own shipping method. When you choose the shipping method, you control delivery and cannot be tricked with bogus shipping labels or rerouted packages.
- Only ship to the address on the Transaction Details page. When you ship only to this address, you satisfy one of the requirements of PayPal’s Seller Protection program.
- Only deal with verified buyers and sellers. Verifying a PayPal account can be troublesome, and it requires sharing personal information with the platform. So, anyone that did it is most likely not a scammer. If you do business with non-verified PayPal accounts, proceed with extreme caution.
- Be wary of email links and attachments. Never click on email links, even if they look legitimate. Logging in to your PayPal account directly in your browser or app is much safer.
- Get a good antivirus. Some PayPal scammers will try to get malware on your computer. Never download anything sent to you via email, and use reliable antivirus software, such as Norton.
- Only contact PayPal using the number listed on its website and remember that official PayPal communications will always address you by name.