How to not get caught in a PayPal scam

PayPal is an easy way to pay for things online but like most internet sensations, there are people out there who want to ruin it by stealing your money. However there is good news, because there are ways to spot scammers who use phony emails to gather personal information or leave you with a nasty virus. While there are tell tale signs that point to a fake message, bad guys are getting more sophisticated so it is important to go through all these steps before determining whether or not to type in that social security number. 

Step 1: Look for any grammatical errors. 

This is the most obvious tell of a fishy email. A real PayPal email will avoid spelling errors because the company portrays itself as a professional company and not a sloppy hacker. If there are any errors in the email just delete it immediately, and thank the guy trying to rob you for being so careless. 

Step 2: Pay attention to the greeting 

If the scammer has access to spell check, look at  is the email greeting. Legitimate PayPal emails will include the full name of the account holder of the business that owns the account. If you receive something that says “Dear PayPal User,” or “Dear Customer,” delete it. This is another dead giveaway. Paypal will always personalize emails and avoid generic terms like “customer” and “member.” 

Step 3: Be wary of attachments

If everything has checked out so far, look to see if there are any attachments. PayPal  never uses attachments and clicking on these will most likely download a virus onto your computer. Special software isn’t needed to access a PayPal account, so downloading anything in an email from the company is never necessary. The image below shows three red flags, “Dear Member,” an attachment, and a misspelling of the word “inconvenience.”

Paypal email scam example

Step 4: Never put personal information into an email

This should be a rule of thumb for all emails, but especially those that may seem a bit off. When PayPal needs any information from you it will send an email requesting that you log into your account and make changes from within the secure site. Any email asking for your login credentials or credit card information is a gigantic red flag. Scammers will often use language to scare people into opening emails and with false statements such as, “Your account will expire if you don’t update it” or “there has been a problem with a payment made to your account.” Basically they will try to make you believe you are losing your money, and yes I’m sure they do see the irony in that. 

Step 5: Don’t click on links

Most PayPal emails don’t include links, so it’s good to be cautious before clicking on one, even if everything else looks good. Before you click any link, it may be worth checking. The quickest way to check the validity of a link is to hover over it with your mouse. If the address reads, don’t click on it. The real company website is https:// not http://. If you accidentally do click on a link without checking it, it will probably be okay. Links are usually used to bring you to phishing websites and steal your information and not to download a virus, but before going any further, check to see if there is a little green lock by the address. This ensures it is absolutely a PayPal verified site. The lock is pretty much a fail safe, but it is good to know that it won’t always come up if you’re on a site owned by a different company.   


Step 6: Get rid of the email

Once you identify a fake email. you can forward it to, where they will monitor it, or you can just delete it and not worry about it again. Most importantly, be skeptical. It’s better to spend a little bit of time reviewing an email than to have someone’s fingers in your pocket. 

Did we miss any tips to avoid get suckered into a PayPal scam? Let us know in the comments below.

Get our Top Stories delivered to your inbox: