Yaniv Masjedi is the CMO at Nextiva, a provider of cloud-based, unified communication services. Previously, he headed the marketing department at Aura. Yaniv studied Political Science and History at UCLA. Follow him on Twitter: @YanivMasjedi.
Jory MacKay is a writer and award-winning editor with over a decade of experience for online and print publications. He has a bachelor's degree in journalism from the University of Victoria and a passion for helping people identify and avoid fraud.
Delores Reed was a longtime PayPal user. So when she got an email about fraudulent activity on her account, she quickly clicked on the link to update her password [*].
Only PayPal didn’t send her the email — scammers did. And once they gained access to her PayPal account, they emptied out hundreds of dollars.
Dolores is not the only person to get scammed by an online payment method like PayPal. By 2023, e-commerce losses due to online payment fraud is expected to reach $48 billion [*].
Getting scammed on PayPal is a nightmare situation. Even if you don’t fall for a phishing scam, you could receive a fake product, pay for an item that never arrives, or be targeted by the many other types of scams that use PayPal. Even worse, the company recently disclosed that [*]:
Close to 35,000 PayPal users had their accounts hacked in January of 2023.
And while PayPal’s payment protection can help keep you safe, it doesn’t guarantee you’ll get your money back if you get scammed. And its protection features can’t help you if a scammer steals your identity.
So, what should you do if you get scammed on PayPal? And what common PayPal scams should you be looking out for?
{{show-toc}}
Is It Safe To Use PayPal?
Yes, PayPal is a secure way to send and receive money.
While no payment platform can claim to be 100% secure, PayPal spends millions on digital security measures to protect its users — from SSL data encryption to stop hackers from intercepting payments to fraud monitoring and security keys (their version of two-factor authentication).
But scammers know that no amount of digital security can protect against you getting tricked.
PayPal scammers use phishing emails, social engineering attacks, and other classic scams to fool you into disclosing personal data or paying for fraudulent goods.
A scammer might:
Steal your PayPal login or other sensitive information. Scammers send fake PayPal emails that trick you into giving up your password or downloading malware onto your device that can steal your sensitive information. Scammers can even use this information to steal your identity.
Sell you fraudulent or different products. Scammers create fake online stores and use PayPal to take payments for phony items. Or they will use fraudulent shipping confirmation emails to bypass PayPal’s Purchase Protection Plan.
Use PayPal’s policies against you. Some scammers will pressure you into using PayPal’s “Friends and Family” option to avoid fees – knowing that the purchase won’t be protected.
These are just some of the many ways that scammers can steal your money, personal information, or more by using PayPal.
⚠️ Take action: If scammers have your email address, your bank, social media, and online accounts could be at risk. Try Aura’s #1-rated identity theft protection free for 14 days to secure your identity against scammers.
Don’t Get Scammed! How To Protect Yourself From PayPal Scams
PayPal is one of the more secure payment apps out there. But that doesn’t mean it’s always safe to use. Make sure you follow these best practices whenever you use PayPal:
Check the sender’s email address. Scammers use lookalike email addresses to fool you into thinking you’re dealing with an official PayPal representative. Make sure that any email comes from an official “PayPal.com” email address.
Look for signs of a phishing attack. Cybercriminals will try to create a sense of urgency in their emails to get you to act quickly (for example, claiming you’ll be charged money if don’t verify your password). Always slow down and check for signs it’s a scam — such as a generic greeting, typos and weird grammar, and suspicious links.
Regularly check your credit report and bank statements. Scammers are almost always after your financial accounts. Check for the warning signs of identity theft — such as strange charges on your bank statement or accounts you don’t recognize. An identity theft protection service like Aura can monitor your credit and statements for you and alert you to any signs of fraud.
Freeze your credit. A credit freeze (or credit lock) stops fraudsters from opening new accounts or taking out loans in your name. Contact each of the major credit bureaus to request a credit freeze. Or, use Aura’s one-click credit lock to instantly lock and unlock your Experian credit file.
Consider signing up for identity theft protection. Aura’s top-rated identity theft protection monitors all of your most sensitive personal information, online accounts, and finances for signs of fraud. If a scammer tries to access your accounts or finances, Aura can help you take action before it’s too late. Try Aura’s 14-day free trialfor immediate protection while you’re most vulnerable.
Were You Scammed on PayPal? Here’s How To Get Your Money Back
The bad news is that both buyers and sellers can get scammed on PayPal. The good news is that PayPal has policies in place to protect you against most types of fraud.
Depending on the type of scam, you can try to get your money back by:
Canceling “pending” payments.
Using PayPal’s Purchase Protection plan.
Requesting chargebacks through your credit card.
How to cancel a pending payment if you think you’re being scammed
If your transaction is listed as “pending” (meaning your payment hasn’t yet been processed), you can cancel it and get a refund.
Here’s how to cancel a pending payment:
Go to your PayPal account summary.
Find the payment (it should say “pending” and “[user] hasn’t accepted yet”).
Click “Cancel” under the payment and then “Cancel Payment.”
Unfortunately, most scammers will accept your payment right away. So what do you do in that case?
How to use PayPal’s Purchase Protection program
When you buy an eligible item, PayPal’s Purchase Protection will fully reimburse you if the order doesn’t arrive or the product doesn’t match the seller’s description — as long as your account and the transaction fall within their guidelines.
Your first step is to file a dispute with the seller. You have 180 days after the purchase to make a dispute.
If the seller doesn’t respond or you can’t resolve the issue, here’s how to make a claim with PayPal:
Find the fraudulent transaction and then click “Continue.”
Click on “I Want to Report Unauthorized Activity” and follow the prompts to open your dispute.
You then have 20 days to contact the seller on PayPal for a refund.
If the seller is unresponsive or refuses to issue a refund, go back to the dispute and click “Escalate” for PayPal to make a claim.
Escalating the dispute triggers a PayPal investigation, and they’ll email you when they’ve reached a resolution.
How to use a chargeback to get money back from a PayPal scam
If you paid on PayPal with a credit card or your bank account, you could also utilize chargebacks to get a refund.
Inform your bank about the fraudulent transaction and request a chargeback. PayPal freezes the amount in the seller’s account when a request is received for a chargeback, pending what your bank decides.
Most credit card companies and banks require you to initiate the chargeback process within 60 days of the transaction.
Did Someone Hack Your PayPal and Steal Money?
Many scammers don’t want to scam you out of a single payment — they want to access your entire PayPal account (and any bank accounts or credit cards that you have linked to it)!
If a scammer stole your password or hacked into your PayPal account, you can file a case with PayPal. Here’s how:
Log into your PayPal account and visit the Resolution Center.
Click “Report a Problem.”
Find the fraudulent transaction and then click “Continue.”
Click on “I Want to Report Unauthorized Activity” and follow the prompts to open your dispute.
You should also take steps to secure your PayPal account. Update your password and security questions and enable two-factor authentication (2FA) right away. If a scammer has access to your PayPal account and has locked you out, reset your password, and then alert your bank and the three major credit bureaus — Experian, Equifax, and TransUnion — of possible fraud.
✅ Take action: If scammers get your sensitive personal data from a data breach, they could take out loans in your name or empty your bank account. Try an identity theft protection service to monitor your finances and alert you to fraud.
Scammers are always finding new ways to steal your money and personal information. Here are tips to identify — and avoid — the latest PayPal scams.
1. Advance payment or fee fraud
Advance fee fraud is a common PayPal scam in which fraudsters promise money or services in return for a small upfront payment. But if you pay them, the promised goods either never arrive or the scammers keep pushing for more money.
The classic version of this scam is someone claiming to have access to a large inheritance — they just need your help (and money) to gain access to it.
Lately, scammers have been sending emails that look like legitimate PayPal emails showing money being deposited into your account. But there’s “security issues” to resolve or “charges” that need to be paid first.
How to identify a PayPal advance fee scam:
You receive an unsolicited message, email, or text offering an enormous payoff that you weren’t expecting [*].
You’re asked to pay a fee or provide private information in order to receive a large amount of money or some other reward.
Never pay fees for money transfers, services, or anything else you weren’t expecting.
Only send money to people you know or as part of transactions that you initiate.
Remember the golden rule of fraud prevention: If it seems too good to be true, it probably is.
Watch out for the latest version of this scam. Fraudsters have taken advantage of the COVID-19 pandemic to offer “expedited stimulus checks” — for a small fee.
Americans have lost over $827 million to phony stimulus payments and other COVID-19 scams, according to the Federal Trade Commission (FTC) [*]. Don’t believe anyone who claims they can get you a stimulus check for a fee.
2. Phishing emails that look like they’re from PayPal
Phishing attacks — in which fraudsters pretend to be from a company or organization that you trust — are among the most common PayPal scams.
There are a few variations of PayPal phishing scams, but most of them follow a similar pattern.
First, scammers create emails that look like they’re coming from PayPal. They’ll even use “domain spoofing” so that the email address (“From name”) looks like it’s either from PayPal or a related sender, such as “PayPal Resolution Center” or “PayPal Customer Support.”
The message will use urgency or threatening language to get you to act. Some common examples of PayPal phishing schemes include claims such as:
Your PayPal account has been hacked and you need to “verify” your identity by entering your email, password, and other sensitive information. But any information you provide goes straight to the scammer.
Although a buyer paid for an order using PayPal, your account is on hold until you provide a shipping number. However, no order was actually made (and PayPal doesn’t hold funds in escrow), so you end up shipping an item for free.
You’ve received money on PayPal and just need to click “confirm” to get it. But when you click on the link, you’re taken to a phishing site that steals your PayPal login information.
Some phishing emails will even infect your device with malware — malicious software that searches for sensitive information and sends it back to the hacker.
How to identify a PayPal phishing scam:
Closely check the full email address — not just the display name. If your email provider hides the email address, hover over or tap on it (on a mobile device). If it doesn’t come from an official “PayPal.com” email address, it’s a scam.
Look for a lack of personalization. Phishing emails often start with “Dear user” or “Hello PayPal Member. Emails from PayPal will use your full name or business name.
The message includes a suspicious link, unknown attachments, or urgent language claiming that you owe money or your account is going to be suspended.
Don’t get scammed! Do this instead:
Never click on links or download attachments from suspicious emails.
Always double-check the sender’s email address and domain.
Don’t log into PayPal using links in emails. Instead, go directly to the site.
Report potential phishing emails by forwarding them to phishing@paypal.com.
Delete the email from your inbox.
3. Overpayment scams when selling items
An overpayment scam happens when a buyer overpays for an item and then requests a refund through another account.
What seems like an innocent mistake is really a fraudster spending money from a stolen credit or debit card or a hacked PayPal account. Upon receiving the “refund,” the scammer will cancel the original transaction — and you lose the cost of the sale plus the overpaid refund.
As a seller, you’re also at risk of losing your good standing when the real cardholder reports the fraud and you have to refund the purchase amount.
How to identify an overpayment scam on PayPal:
A buyer sends you too much money for a product and asks you to refund the overpayment. Be especially cautious if they want you to refund it to a different account.
Don’t get scammed! Do this instead:
If someone asks for a refund on an overpayment, cancel the whole payment instead of refunding a set amount so that the buyer can restart the order.
Never refund money to a different account other than the one that the buyer used to pay you.
Contact PayPal support if you think you’ve received a fraudulent payment.
With a shipping address scam, fraudsters use an invalid delivery address on the order. The shipping company can’t find the address, so they mark it as undeliverable.
Next, the scammer contacts the delivery company and provides a new address for the package delivery. But because the shipping company already marked it as undeliverable, the scammer can file a claim with PayPal that the item didn’t arrive.
How to identify an invalid shipping address scam:
Check that the shipping address is valid before sending out any purchases.
Ask your shipping company about rerouting deliveries. Find out if customers can change their shipping address and if you’ll be notified if that happens.
Don’t get scammed! Do this instead:
Adopt software that only uses legitimate zip codes and addresses when placing orders.
Insist on signature confirmation for deliveries.
Keep all receipts, and never ship items before receiving full payment.
✅ Take action: Protect yourself from the risks of identity theft and fraud with Aura’s $1,000,000 in identity theft insurance. Try Aura free for 14 days to see if it’s right for you.
5. Fake tracking numbers for online purchases
In this scam, fraudsters use stolen tracking numbers to either ship the wrong (and much cheaper) items or not send them at all.
Cybercriminals create fake online stores that offer PayPal checkout to build trust. Customers make purchases and receive tracking information — but what arrives isn’t what they ordered. Unfortunately, because the seller can show that the item was delivered, PayPal denies the buyer’s refund claim.
In another version of this scam, fraudsters will ship the item to the wrong address. When customers try to return the order or get a refund, the website either doesn’t provide the option or is unresponsive.
How to identify a fake tracking number scam:
Make sure you’re only buying from legitimate online stores. Choose stores that use secure websites, domains, and URL addresses (for example, “https” is secure; “http” is not). Look for proper design, spelling, and grammar.
Check the tracking number as soon as you receive it. If anything seems suspicious, contact PayPal.
If you’re unsure about a delivery (for example, if it looks much smaller or bigger than you expect), take a video of yourself opening the box as proof of what was inside.
Don’t get scammed! Do this instead:
Make sure that any site you shop on has a working phone number or email account for customer support.
Research online stores before shopping. Check reviews on third-party sites like TrustPilot and Yelp, as well as on the Better Business Bureau’s (BBB) Scam Tracker.
Don’t fall for too-good-to-be-true deals. Scammers often use low prices to trick you into buying from them instead of from legitimate stores. Be especially careful about shops that advertise aggressively low prices on social media sites like Instagram.
6. Phishing websites that look like PayPal login pages
Scammers create fake PayPal login pages that are nearly impossible to distinguish from the real thing [*]. They use the same design and will even use domain names that look like they could plausibly be connected to PayPal.
But if you enter your account information and passwords, you’ll end up with an error screen. While you try to figure out what’s going on, scammers are busy emptying your account or locking you out of it.
Phishing sites like this have become a massive problem in the past few years. The Anti-Phishing Working Group (APWG) detected over 400,000 unique phishing sites in September of 2022 alone [*].
How to identify a fake PayPal login page:
The domain name isn’t PayPal.com. Always remember that PayPal doesn’t use region-based domain names such as PayPal.co.uk. They’ll reroute to your local version based on your IP address.
The website doesn’t have an SSL certificate. If the site doesn’t have a lock symbol near the URL, it’s not an official PayPal site.
Don’t get scammed! Do this instead:
Never log into your PayPal account from a site that was linked in an email or message. Instead, always go directly to paypal.com to make sure you’re on the correct site.
Use Aura’s antivirus software that can identify potential phishing sites or pages that are trying to infect your device with malware.
7. PayPal text message scams
A more recent scam involves fraudsters sending fake text messages claiming to be from PayPal to “verify” a payment that you didn’t make. The message will say you only have 30 minutes to dispute the charge and ask you to click on a link (which is shortened or scrambled so that you don’t know where it leads).
But if you click on the link in the message, it will either take you to a fake PayPal login page or infect your device with malware.
The message creates a sense of urgency or threatens that you’ll lose money if you don’t act quickly.
The message contains a link that isn’t from paypal.com.
Don’t get scammed! Do this instead:
Ignore text messages that claim to be from PayPal. If you want to check if a payment was made using your account, log into PayPal directly — not through the link in the text message.
Forward the scam text message to phishing@paypal.com.
Never click on links in text messages or return phone calls using the number provided in the message.
8. Charity scams that collect donations through PayPal
One of the most insidious PayPal scams uses fake charities to hijack donations from generous individuals.
For example, scammers might set up a fake GoFundMe or PayPal donation link in response to a natural disaster or trending event. They’ll even create a fake charity website or scam Instagram page to make the lie believable.
How to identify a fake charity PayPal scam:
Do your research before donating to any cause. Check the charity on the Better Business Bureau (BBB), Charity Navigator, and Charity Watch. You can also Google the charity’s name + scam/fraud to see if anyone else has complained about them.
Don’t get scammed! Do this instead:
Only donate to reputable charities. If you’re interested in contributing to a GoFundMe initiative, research who organized the fundraiser to see if it’s legitimate.
9. Sellers asking to use “Friends and Family” payments
PayPal only offers buyer protection on transactions tagged as a purchase — not ones that you send using the “Friends and Family” option.
Scammers on platforms such as Craigslist or Facebook Marketplace will often try to get you to use “Friends and Family” by claiming that it avoids fees (it does) and that it’s safe (it isn’t always). But if you make the purchase this way, the seller can disappear without sending you the item and you have no recourse other than a credit card chargeback.
How to identify a “Friends and Family” scam:
The seller wants you to transfer money tagged as “Friends and Family” to avoid fees.
You’re unable to meet up in person and inspect the item — this is especially suspicious if it’s a high-value or in-demand product.
Don’t get scammed! Do this instead:
If you’re buying a product or service, pay for it as “Goods and Services” — not “Friends and Family.”
Use a credit card to make purchases instead of using a PayPal balance, as you’ll be able to initiate a chargeback if you get scammed.
10. Fake PayPal invoices
If you regularly handle invoices as part of your job, you’re probably used to paying companies or contractors by using PayPal. In this scam, fraudsters send official-looking PayPal invoices for fake work, products, or contracts. The goal is that you’ll assume the invoice is legitimate and pay it without thinking.
They may disguise the invoice as coming from a real company or organization — such as GoDaddy or The World Health Organization (WHO).
How to identify a PayPal fake invoice scam:
Double-check all invoices for a legitimate work order or purchase receipt. If you’re at all uncertain, bring it up with the rest of your company to find out if anyone knows who it’s from.
Make sure the invoice is addressed to you by name — not just a generic “Dear sir” or “Dear Accounts Receivable” salutation.
Don’t get scammed! Do this instead:
Confirm all invoices with the point of contact person in your organization.
Report the fraud to PayPal’s Resolution Center to stop the scammers from targeting other people.
How To Prevent Getting Duped by PayPal Scams
Scrutinize the details of every email that claims to come from PayPal. Make sure the sender is using an official PayPal.com email address. Look for other red flags, such as poor grammar and spelling.
Don’t pay fees for payments or prizes. Never send money in order to receive a gift or “free money” — especially if you’re being asked to pay in cryptocurrencies like Bitcoin.
Secure your PayPal account with a strong password and 2FA. Use a password manager to keep track of your passwords.
Know your rights as a PayPal user. Make sure you’re following the rules of PayPal’s Purchase Protection Program.
When selling on PayPal, don’t give refunds to different accounts or skip signatures. Sellers can also get scammed on PayPal. Make sure you’re protecting yourself by insisting on confirmation of delivery and not refunding “overpayments.”
Don’t click on links or attachments in strange emails or texts. Always log into PayPal using the official website — not through links in emails or text messages.
Only use “Friends and Family” with your friends and family. This ensures that you’re protected in case of fraud.
Connect your credit card to your PayPal account instead of your bank account. Your credit card offers purchase protection and chargebacks, whereas money stolen from your bank account is essentially lost.
Consider signing up for Aura’s all-in-one digital security solution. Aura monitors your online and financial accounts for signs of fraud and protects your devices against malware and phishing. And if the worst should happen, you’re covered by a $1,000,000 insurance policy for eligible losses due to identity theft.
The Bottom Line: Stay Safe From PayPal Scammers
If you’ve been scammed on PayPal, you probably don’t trust the platform anymore. But PayPal can be safer than many other payment options (such as Venmo, Zelle, or Cash App) — as long as you use it properly and avoid common scams.
Prevention is always preferable to becoming the victim of fraud. For added safety, consider Aura’s digital security solution that alerts you to threats and takes action to prevent issues in near-real time. Aura covers your family with proactive protection that secures your devices, shields you from online hackers, and safeguards your identity.
FAQ: Everything Else You Need To Know About PayPal Scams
Can you get scammed through PayPal?
Yes, you can be scammed on PayPal. While there are many advantages to using PayPal as a secure platform, the reality is that fraudsters target PayPal users for various scams.
What is covered by PayPal’s Buyer Protection?
You bought a new item but received a used item.
The item didn’t match the description.
The item arrived damaged.
Missing parts in your delivered product.
You only received portions of the order.
You received a fake product when you paid for an authentic product.
What’s not covered in PayPal’s Buyer Protection?
Prepaid cards.
Money sent to friends and family.
Industrial machinery.
Real estate.
Dispute filed after 180 days from the date of transaction.
Items described correctly.
Items purchased in person.
Motorized vehicles.
Donations.
Unauthorized transaction claims submitted after 60 days from the date of the transaction.
Will PayPal refund money if I get scammed?
Yes, PayPal will refund you if you make an eligible purchase. Conditions for eligibility include:
Your PayPal account is in good standing.
You received an order that was damaged during shipping.
The product didn’t match the seller’s description.
The seller didn’t ship your order.
You didn’t authorize the transaction.
How do I claim money back from PayPal?
First, contact the seller for a refund. You can open a dispute in the resolution center if the seller doesn't respond or refuses to issue a refund. You have 180 days from the transaction date to file a dispute.
How does PayPal decide who wins a dispute?
When you file a dispute, PayPal withholds the money for the transaction until the dispute is resolved. In some cases, they’ll ask both buyer and seller for evidence. Next, they’ll review the evidence and make a decision. Unfortunately, there’s no way to know how PayPal decides.
Can I dispute a PayPal charge with my bank?
PayPal encourages users to resolve issues through the Resolution Center. However, you can dispute charges through your bank, resulting in a chargeback.
Does PayPal offer seller protection?
Sellers can also get scammed on PayPal. In order to be eligible for PayPal’s Seller Protection plan, you must:
Have a U.S address listed on PayPal.
Sell physical items that can be shipped.
Ship items to the address on the transaction details page.
Send documentation of the scam within ten days.
What’s not covered by PayPal’s seller protection?
Chargebacks, claims, and reversals where items are not as described.
Editorial note: Our articles provide educational information for you to increase awareness about digital safety. Aura’s services may not provide the exact features we write about, nor may cover or protect against every type of crime, fraud, or threat discussed in our articles. Please review our Terms during enrollment or setup for more information. Remember that no one can prevent all identity theft or cybercrime.
Is this article helpful so far?
Yes
No
Skip
Need an action plan?
No items found.
Is your child ready for a cell phone? Take this quiz to find out.