17 Sneaky PayPal Scams You Need to Know—and How to Dodge Them

Boasting over 434 million users and growing, PayPal remains a tempting target for scammers. Numerous online scams that involve payment apps—including Cash App , Venmo , and Zelle Rely on the assumption that users lack understanding of how these services function or employ them without caution, making them susceptible to malicious individuals aiming to pilfer their funds, financial data, and other sensitive information.

This does not imply that you must eliminate your PayPal account entirely. You can continue to benefit from all of PayPal’s services by utilizing it wisely and recognizing the indicators of fraud. To assist with this, we have gathered insights from cyber security professionals on spotting potential threats. PayPal scams to watch out for and ways to steer clear of them.

What is PayPal?

PayPal serves as a comprehensive digital financial service that provides an option beyond conventional banking systems. Individuals looking to use this platform have to connect either their bank accounts or credit cards initially. Once set up, customers can access the site via computers or mobile devices for buying goods from various sellers, receiving payments and transfers, or moving funds or cryptocurrencies among different accounts within the network.

Is it possible to be scammed using PayPal?

It's distressingly simple for con artists to swindle you out of your funds or personal financial data via PayPal. As stated by Eva Velasquez, who serves as the president and CEO of the Identity Theft Resource Center, "PayPal’s platform sees various cons and fraudulent activities orchestrated by identity thieves aiming to take your money, financial details, and other sensitive information."

However, remember that scams aren't exclusive to PayPal. "It’s crucial to understand that you can be defrauded through any website or service," explains Alex Hamerstone, a director at TrustedSec, an ethical hacking firm.

What are some typical PayPal frauds?

While scammers can be sneaky and convincing, their scams also tend to have some common themes that make them easier to identify. Here are some of the most prevalent.

Order confirmation scam

In the majority of PayPal-related scams, scammers use phishing emails to impersonate PayPal. Here’s how this one works: Criminals will create a fake or “spoofed” An email address seemingly originating from PayPal will send you a message resembling an order confirmation for a recent buy. This communication will prompt you to verify your order status by signing into your account via a provided hyperlink.

Phishing emails come in various guises, yet "the one thing that stays consistent," according to Karim Hijazi, CEO of cybersecurity firm Prevailion and ex-contractor with the U.S. intelligence services, "is what criminals aim to achieve." They seek to obtain your PayPal username and password by deceiving you into entering them on a fake webpage designed to mimic the real site. After acquiring this data, scammers can access your account, initiate transactions, transfer funds, or execute additional malicious activities. doxxing attack , along with numerous other items.

Fake fraud alert scam

Be cautious of unexpected text messages resembling fraud warning notices from PayPal. These may be referred to as " smishing ” attacks (abbreviated as SMS phishing) These fraudulent warnings are challenging to identify since the messages can differ significantly. Some may alert you about an attempt to log into your account, whereas others could indicate unusual activity on your profile. "Scammers employ a broad array of deceptive notifications, each one distinct from the next," according to Hijazi.

Although PayPal typically sends text messages or emails containing one-time login codes or two-factor authentication prompts, an unexpected PayPal alert can indicate potential fraud. Such notifications often seem to originate from a genuine PayPal contact number, yet the included links might direct you to counterfeit login pages designed to capture your credentials, including your password. Additionally, clicking these links has the risk of inadvertently downloading malicious software that grants unauthorized access to your device. someone to spy on your iPhone , so make sure to delete any phony texts as soon as you receive them.

Docusign email scam

Since early 2025, scammers have been setting up Docusign accounts and using templates provided by Docusign to impersonate PayPal customer service representatives, according to Malwarebytes. They send an email through Docusign to let you know they’ve identified an unauthorized transaction and you need to contact them immediately to process a refund. Ultimately, the goal is to get your financial information.

“This scam is especially effective as it uses a legitimate services to impersonate a legitimate entity to convince the victim of the authenticity of the message,” says Seth Ruden, who is a certified fraud examiner and serves as the global advisory director for the U.S. and Canada, works at BioCatch , a cybersecurity firm focused on preventing digital fraud Many of us are accustomed to receiving regular DocuSign emails for formal documents. When combined with the pressure of addressing a security problem, it becomes quite easy to be deceived by such an email.

Scam involving Google Ads customer service

In early 2025, Malwarebytes detected another fraud scheme where criminals tricked PayPal users through deceptive Google advertisements purporting to offer legitimate customer support. Once these crooks gain control over certain advertiser accounts, they publish Google ads that mimic the genuine PayPal site URL; thus, showing "paypal.com" within the search results but leading victims to fraudulent sites featuring fake contact numbers. When unsuspecting individuals call those bogus lines, online thieves intercept their calls ready to pilfer sensitive data. According to Ruden, "This con hinges on an apparently credible method for folks seeking assistance." While we often place our faith in the authenticity of both Google’s search outcomes and the displayed helpline numbers, even such paid ad placements aren’t immune from being compromised and misused by hackers.

Unexpected payment or transfer request fraud

Before agreeing to an unforeseen payment or transfer request on PayPal, carefully examine the accompanying message. Certain fraudsters set up accounts that mimic genuine individuals or enterprises—sometimes even taking their usernames and profile images.

If you find yourself agreeing to a scammer’s demand and transferring funds through PayPal, you ought to inform PayPal about it. Nevertheless, keep in mind that a reimbursement from PayPal isn’t guaranteed. Thus, as Velasquez advises, prevent being duped by only starting your own transactions and declining any unexpected payment or transfer solicitations on platforms like PayPal and Velasquez.

Password reset request scam

If you receive an unexpected password reset notification from PayPal, Hamerstone advises not clicking any links in the text message or email. Rather, access PayPal’s app or site via your web browser and update your password right away to ensure your account hasn't been compromised.

Scammers frequently generate bogus password reset notifications that seem to originate from PayPal as well. If you click on a hyperlink within such messages, whether via text or email, you might inadvertently disclose your log-in details to these fraudsters or end up downloading malicious software. Enhancing your security measures can help protect against this. iPhone security and checking these iPhone privacy settings can safeguard you if a hacker manages to infiltrate your smartphone.

Fake charity scam

Another common PayPal scam uses fake charities to solicit donations from unsuspecting users. The fraudster will create a webpage for a phony charity organization, then contact victims asking for donations via PayPal. Although they may share forged confirmation emails or receipts to make it appear as though the transaction is legitimate, in reality, they have already taken off with your money. These fake charity sites are getting more convincing, but there are ways to spot fake donation scams So you won't become a target moving forward.

Promotional offer scam

Like fake fraud alerts or order confirmation emails, this scam relies on a spoofed email address or phone number that makes their message appear to be from PayPal. The message notifies users that they have qualified for a promotional offer and money has been deposited into their account. Ultimately, the scammer is hoping to trick the user into entering their PayPal login credentials on a fake webpage or clicking an attachment that compromises their phone with a virus .

Prize winnings scam

In a comparable scam, fraudsters assert that you've won a prize, but they require payment of a minor processing fee to obtain it. "Fraudsters might send out communications or emails containing links to falsely claimed prizes or incentives, usually requesting your login details," according to them. Brian Cute , the CEO and capacity and resilience program director for the Global Cyber Alliance . They might say you "deserve" a payout, but they still ask for money from you, he explains. Naturally, a genuine prize would never demand an initial fee.

Investment scam

This fraud boils down to familiar wisdom: If something seems too good to be true, it probably is. Whenever anyone requests you to make an upfront payment as part of an alleged online investment opportunity, warning signs ought to appear at once—particularly if this involves cryptocurrencies, which are often exploited by swindlers. "Avoid making any crypto investments through individual sellers such as PayPal," advises Ruden. "Such transactions are invariably fraudulent."

Refund request scam

Getting an unexpected PayPal deposit doesn’t necessarily mean someone made a simple error. Often, con artists employ this tactic to deceive you into returning the cash to them. A swindler could utilize pilfered banking details taken from a compromised PayPal account to move a few hundred bucks into your account and subsequently contact you with a request like, "Whoops! Could you please return that?" When you comply and forward the funds, those monies end up going onto the scammer’s debit card linked to their fraudulent profile, whereas the illicit transactions get deducted from your balance.

Overpayment scam

It turns out that everyday users aren’t the only ones falling prey to PayPal scams—criminals also go after sellers and retailers via this platform. A criminal might pay more than the listed price for an item with a counterfeit or stolen credit card or bank account information, subsequently reaching out to the seller asking to refund the excess funds typically into another account from where they made the primary payment. After obtaining those refunded monies, these scammers inform PayPal about cancelling the initial purchase, which leaves the seller without either their merchandise or compensation.

Shipping address scam

Whenever you sell items online, make sure to confirm the shipping address provided. Certain fraudsters might buy products via PayPal yet provide incorrect destination addresses. Once the courier labels the parcel as un deliverable, the purchaser may reach out to the carrier for an address update and then ask PayPal for a reimbursement due to the non-delivery of their order.

Prepaid shipping label scam

Some scammers When targeting sellers on PayPal, scammers might ask them to utilize a prepaid shipping label for sending items they've bought. "In such cases, the seller loses their online safeguards since the label places the parcel under the scammer’s jurisdiction," clarifies Ruden. Typically, these purchases involve fraudulent credit cards or aim to deliver packages to undisclosed locations. To prevent falling victim to this fraud and maintain coverage under PayPal Seller Protection, recipients should refrain from accepting alternate shipping labels and must ensure delivery solely to the verified transaction address, according to PayPal recommendations.

Buyer protection scam

In a perfect scenario, PayPal’s Purchase Protection—which was formerly called Buyer Protection—guards you against fraud by compensating you if your purchase doesn't arrive or turns out to be markedly dissimilar from what the seller described. Sadly, con artists have discovered methods to exploit this protection policy.

Imagine getting a counterfeit gemstone that bears little resemblance to its online picture. Since disputes often come down to one party's claim versus another's, many purchasers and vendors contend that PayPal has sided with scammers in comparable situations. Some also mention that although PayPal might rule in your favor, you still have to return the faulty item to the dishonest seller to get a refund. This obstacle can be so daunting that individuals sometimes choose to absorb their losses rather than pursue compensation.

Friends and family scam

Other fraudsters avoid Purchase Protection completely by requesting payment for items such as resold concert tickets via the 'friends and family' option. This method serves as an optimal workaround for swindlers since these exchanges lack protection. The main point here is to limit the use of 'friends and family' payments strictly to actual friends and family members.

Hacked account scam

Should a cybercriminal obtain login details via a phishing attack and gain entry into a PayPal account, they might exploit this access to defraud additional victims. For instance, they could deposit funds into your PayPal account under false pretenses of goods or services rendered. However, once you send out the item, the deposited amount vanishes from your balance. Typically, PayPal reverses these transactions upon learning about unauthorized activity on the compromised account.

What steps can I take to prevent being defrauded on PayPal?

Let's be frank: cybercriminals will continually attempt to deceive you. However, several measures can be adopted to safeguard yourself from potential PayPal scams. Specialists suggest adhering to these precautions. tips to outsmart scammers .

Always initiate transactions on PayPal If someone asks you for money, refrain from accepting their request until you confirm its legitimacy.
Do not click on any links, attachments, or reply to unsolicited messages from PayPal. Contact PayPal directly instead to verify the authenticity of the communication.
Check for generic salutations, typographical errors, or grammatical mistakes in emails from PayPal, as these might indicate a potential scam.
To find out whether an email message is actually from PayPal, click the “view source” or “open original” button in your email account. This will show the full header and routing details for the email you received. Find the line item in the header called “return-path,” which tells you whether the email you received came from PayPal or a fake email address. A phony sender’s address might be scrambled or off by one or two letters.
Never log in to your PayPal account through a link that is shared with you via email, text message or other means. Instead, log in directly from your web browser or app.
Rather than calling a phone number that has been provided to you in a message from PayPal, contact PayPal directly by looking up its publicly listed phone number.
Do not disclose your account details, such as passwords, banking information, or payment card data, via email or telephone.
If you get a fraudulent or dubious email or text message, inform PayPal about it. spoof@paypal.com .
Routinely check your PayPal account for any irregularities, and reach out to PayPal if you spot something odd.
Create a strong, unique password and enable two-factor authentication To stop hackers from gaining access to your PayPal account.
Use spam filters to block emails and stop spam texts going forward.

In short: "Customers should cultivate a spirit of doubt and watch out for warning signs," according to Cute. If you get unexpected messages from PayPal, it’s wise to reach out to PayPal through their confirmed customer support line to verify if they initiated the communication. Avoid clicking suspicious links, stay calm when dealing with unrequested emails and texts, and remember—if something seems incredibly favorable, proceed cautiously.

About the experts

Eva Velasquez She serves as both the president and CEO of the Identity Theft Resource Center. In her role, she is a prominent figure in addressing issues related to identity theft, cybercrime, and fraudulent activities.
Alex Hamerstone CISSP serves as the advisory solutions director at the cybersecurity firm TrustedSec. Prior to joining TrustedSec, he held various positions in compliance and security at a software company whose clientele spanned more than 27 nations.
Karim Hijazi is the founder and CEO of Prevailion, a cybersecurity firm specializing in identifying ongoing threats through infiltration of hacker networks. He previously worked as a contractor for the U.S. intelligence sector.
Seth Ruden He serves as a certified fraud examiner and acts as the global advisory director for the U.S. and Canada at BioCatch, a firm focused on cybersecurity with an emphasis on preventing digital fraud. With more than two decades of expertise, he specializes in thwarting financial crimes and managing risks.
Brian Cute serves as both the CEO and the Capacity and Resilience Program Director at the Global Cyber Alliance, a nonprofit entity dedicated to enhancing online safety for individuals and institutions.

Why trust us

Reader’s Digest She has authored numerous pieces on personal technology, equipping readers with insights to safeguard themselves from cyber threats and online frauds, alongside uncovering top strategies, tactics, and workarounds for devices like computers, smartphones, applications, messaging services, social platforms, and much more. This article on tech advice draws upon Brooke Nelson Alexander’s extensive background as an experienced journalist and technology correspondent. Our content hinges on certified specialists who possess practical expertise along with direct input from key entities such as tech firms, industry groups, and scholarly bodies. Every detail and statistic undergoes rigorous validation and periodic review to maintain their precision and relevance. Learn more about our process here. team , our contributors and ourselves editorial policies .

Sources:

Statista Number of global PayPal users from Q1 2010 to Q4 2024
Eva Velasquez , President and Chief Executive Officer of the Identity Theft Resource Center
Alex Hamerstone , director of advisory solutions at TrustedSec
Karim Hijazi , who founded and leads Prevailion as their CEO
Malwarebytes PayPal scams exploit Docusign API to disseminate fraudulent emails.
Seth Ruden , Certified Fraud Examiner and Global Advisory Director for the U.S. and Canada at BioCatch
Malwarebytes Scammers exploit PayPal’s ‘no-code checkout’ feature.
Brian Cute , serving as the CEO and directing the capacity and resilience programs at the Global Cyber Alliance
PayPal Typical forms of e-commerce fraud and methods to stop them
PayPal What are typical scams, and how can I identify them?
PayPal : “PayPal Purchase Protection”
PayPal PayPal's Buying Safeguard Plan
WA Government Scammers take advantage of a payment flaw on PayPal.
PayPal What's the distinction between transactions with friends and family versus those involving goods and services?

Identifying Apple ID Phishing Attempts

What Is Vishing?

Steer Clear of Calls from These Area Codes