PayPal scams: How they work and how to spot one: Header image
Safer Web 12 min read

PayPal scams: How they work and how to spot one

byDawna Roberts

Published:May 20, 2026

PayPal is one of the original online payment systems, used by millions of people to make payments securely since 1998. It’s a global platform used to purchase goods and services, make payments to family and friends, send money to overseas workers or suppliers, or even purchase and transfer cryptocurrency such as Bitcoin.

Today, in 2026, PayPal has more than 439 million active users, giving scammers millions of potential victims to use various PayPal scams to steal their money. These scammers do this in various ways, including sending phishing emails that look like legitimate emails from PayPal, and fake payment requests and invoices from “friends.”

With hackers getting more sophisticated through the use of AI, it’s increasingly difficult to identify when someone is attempting a PayPal scam. Here, we will learn how to identify and avoid a PayPal scam.

What is a PayPal scam?

A PayPal scam is a trick used by cybercriminals in which the attacker pretends to be from PayPal or references a fake transaction related to the online payment system. They do this in order to elicit payments from you or to break into your account to steal funds.

Catch PayPal scam emails before they catch you

Use Moonlock to analyze incoming messages or emails and flag phishing attempts. Even if a phishing email lands in your inbox, you’ll spot the red flags before you click.
TRY 7 DAYS FREE

How PayPal scams work

PayPal scams are often effective because so many people make routine payments through the platform or receive money that way. Hackers bank on the fact that a user may not thoroughly read an email or notification closely enough to identify when something is off. They are hoping you act quickly before stopping to think about it. 

Most PayPal scams are conducted through phishing emails that implement scare tactics. If, for example, you receive an email that looks like it’s from PayPal, warning you that your account was compromised, it may cause some alarm. You might click the provided link to “fix” your account before fully thinking things through. Don’t do it. The link could be part of a scam.

Is PayPal safe to use?

PayPal is generally a secure way to make payments. PayPal uses security features to secure your personal and financial information when you make payments or receive funds via PayPal. PayPal provides these security measures:

  • Asymmetric encryption
  • X.509 certificates
  • Digital signatures
  • Fraud monitoring

As a result, payment information is encrypted prior to being transmitted, so hackers cannot see sensitive personal or financial information when interacting with the website. They can’t modify payment buttons or forge payment details. Payments are also screened for possible fraudulent behavior.

But it’s not 100% secure.

PayPal phishing attacks can still take advantage of the way payments are displayed. This includes PayPal scam emails that utilize fake invoices or links that take you to fake PayPal pages or even payment requests.

Although the use of PayPal is secure, there are some privacy concerns. For instance, PayPal receives your data and passes it on to partners. You can see details about what data they collect, how they use it, and with whom they share it in their privacy policy. However, it states that PayPal does not share your credit card or bank account details with the merchants or individuals you purchase from.

Remember, regardless of how secure or reputable a service is, it is never 100% safe from risks or from being exploited by cybercriminals to deliver malware. Neither is it safe from being used to trick users through social engineering techniques.

Common types of PayPal scams

There are dozens of different types of PayPal scams out there. Some of the most common to watch out for are the following.

PayPal scams using email

By far, the most common scams use email to trick unsuspecting victims and follow a pattern similar to the previous example. In many cases, an email will claim to be from the tech support team at PayPal, alerting you to a problem with your account. The email will urge you to click a link and log in to your account immediately to fix it.

If you do this, the link will take you to a fake website that looks authentic. Here, in the process of attempting to secure your account, you may end up handing over your login credentials or, worse, infecting your device with malware.

Another common type of PayPal scam is a fake bill for something you didn’t order. The sender will urge you to contact them if you didn’t order the product or service. It’s a scam.

A screenshot of a fake bill in a PayPal scam.
PayPal is a trademark of PayPal, Inc.

PayPal text message scams (smishing) 

A PayPal text scam, also known as “smishing”, is a type of PayPal scam that targets victims via SMS text messages. You receive an unexpected text notification pretending to be from PayPal that alerts you about suspicious activity and may even request you to verify your account with a link. Once you click on the link, you are sent to a phishing PayPal page that collects your login credentials or financial info.

In some cases, the grammar and spelling are poor, which gives it away. Often, PayPal text scams come from a strange phone number that does not match official PayPal communications. Keep in mind that PayPal can legitimately send texts (like login codes or alerts), but it won’t ever ask you to send money, provide sensitive info, or click urgent links out of the blue.

Common signs:

  • A strange phone number texts you pretending to be PayPal
  • “Unusual activity” and a link to “secure your account”
  • Requests to confirm info via SMS
  • Messages pushing you to act fast

What to do:

  • Don’t click the link in the text message.
  • Verify with the PayPal app or website (type the URL).
  • Report the message and delete it.
Screenshot of Moonlock, Moonlock Scam Detector message

Before you act, run the text through Moonlock to help you detect smishing attempts by flagging urgent language and phishing tactics. It takes less than a minute to set up. Start your 7-day free trial today so you can catch scam texts before they compromise your PayPal account.

Facebook PayPal scams

Facebook Marketplace is a popular venue for buying and selling items. It’s no surprise, therefore, that it is also a popular venue for scams. Attackers may pretend to be sellers and request that you pay using the “Friends and Family” option. The problem is that in addition to avoiding PayPal fees, this option does not include any buyer protection. You could quickly find yourself the victim of a scam.

A screenshot of Facebook Marketplace, a common source of Facebook PayPal scams.
Facebook and Facebook Marketplace are trademarks of Meta Platforms, Inc.

Overpayment and refund scams

If you receive a message saying that someone overpaid you via PayPal and they demand that you return the money, do not do it. This is a common scam in which cybercriminals will reverse the funds sent (if it even was sent). The end result is that you will have paid them out of your own funds.

Legitimate PayPal email exploit

PayPal scams are becoming trickier than ever before. Weill Cornell Medicine reported a PayPal email scam in 2023 involving a request from someone asking for a payment. The request was legitimate, but the scammer wrote in the “Notes” section to include a message designed to pressure the recipient into paying for a fake charge or service.

Scammers use real PayPal-generated emails to send requests for payment or invoices, but they use social engineering tricks to make you believe them. Because the emails are sent through PayPal’s system, they can pass standard email authentication checks (such as SPF or DKIM) and come off as legitimate.

This makes a PayPal email scam particularly dangerous. It fools victims by appearing to be legitimate. The problem is the message hidden in plain sight or between the lines. This is how many people have fallen victim to these types of scams, as cybercriminals exploit PayPal’s invoice system to carry out PayPal phishing attacks via email.

AI-powered PayPal scams

With the rise and evolution of AI, PayPal scams in 2026 are adapting and utilizing AI tools to scale their operations.

Attackers can now do the following:

  • Create phishing emails with perfect grammar and spelling
  • Clone voices to impersonate PayPal support or a merchant
  • Use AI to create realistic images

As attackers become more clever and convincing in their approach due to the use of AI-driven tools, always scan messages with a scam tool to ensure that you’re not interacting with an AI-generated scam.

Fake tech support and remote access scams

Scammers don’t just send fake texts and emails that appear real. They can also pretend to be  PayPal’s tech support and attempt to persuade you that your account has been breached. Here are some of the ways you can encounter these scammers:

  • Fake PayPal tech support hotline you found in a Google search or ad
  • Pop-ups or warning messages directing you to PayPal support
  • Emails or texts asking you to call the number for tech support

Once you call a fake number, the scammer will try to persuade you to install software that gives them remote access to your device to resolve the issue they claim you have. This gives scammers full control over your device and can allow them to move funds from your account without your knowledge.

It’s important to know that PayPal will never ask you to give remote access to your device, nor will they tell you to install any third-party apps or tools.

Fake job offer scams

Some fake job offers involve PayPal payments. Victims may be asked to receive funds, send money, or “process” transactions as part of the role.

If a job requires you to move money through your personal account, especially for someone else, it is likely a scam.

Shipping address manipulation scams

Shipping address manipulation scams typically target sellers in peer-to-peer transactions. In this scenario, a buyer may request a change to the shipping address after payment is completed or provide conflicting delivery details.

In other cases, the buyer receives the item but later files a claim stating that it was not delivered or was sent to the wrong address. Because seller protection often depends on strict shipping requirements, it can be difficult to prove that the transaction was legitimate.

As a result, sellers may lose both the product and the payment if the dispute is resolved in the buyer’s favor.

Fake charity scams

Fake charity scams involve attackers posing as legitimate organizations and requesting donations through PayPal, often during natural disasters, global crises, or high-profile events. These requests usually involve urgency, guilt-tripping, manipulation tactics, or even popular names to appear credible. They can create webpages or social media accounts that appear authentic just to get you to believe in their cause.

Before donating, always go to the official sources to see if they are affiliated with charities you have interacted with. Also, check if they have a link to their webpage or social media platform to verify that it’s real. This helps ensure that your money goes where it’s supposed to go.

PayPal invoice and fake money request scams

PayPal invoice scams are one of the most common forms of PayPal phishing that fool users into thinking they were sent from a legitimate business. They usually contain urgent payment deadlines, asking you to pay immediately.

Last year, the Attorney General warned about trending PayPal invoice scams, where scammers may repeatedly send a PayPal invoice to a victim’s email inbox to make it appear urgent. Fake money requests are also used in similar ways, often disguised as legitimate payment notifications to pressure users into sending funds.

If you receive a suspicious invoice:

  • Do not pay it.
  • Sign in to your PayPal account directly to verify.
  • Report it through PayPal’s Resolution Center.

By doing this and reporting PayPal scams, it helps reduce abuse against others.

These are just a few of the dozens of ways scammers might trick you into paying via PayPal. So, how can you keep yourself safe?

How can you recognize a PayPal scam?

The best way to protect yourself against PayPal scams is to know what to look for and remain constantly vigilant. Below are some red flags to watch out for: 

  • Strange email addresses: An official email from PayPal will have an email address that ends in @paypal.com. If you receive a message that does not, suspect a scammer.
  • Sense of urgency: Phishing emails always employ some sort of sense of urgency. Be on the lookout for words and terms designed to make you panic and take quick action. 
  • Suspicious links: Most scam emails will contain a suspicious link that the attacker is hoping you will click. When you’re unsure, hover your mouse over the link to see where it really leads before clicking it.
  • Poor English or bad grammar: Many scammers don’t bother to get the content of their messages exactly right. You may see poor grammar, incorrect punctuation, and misspellings. 
  • Generic greeting: In most cases, a scammer won’t have your name, so the scam email may start with something nonspecific, such as “Dear Customer.”
  • A request for personal information or money: The goal of phishing emails is to make money. They may request personal information (social security number, date of birth, credit card details, bank account numbers, login credentials, etc.) to use for identity theft or fraud. 
Screenshot of Moonlock, Moonlock Scam Detector checking for scam

If you suspect that you’re being targeted by scammers for a PayPal scam, use the Moonlock to check messages or emails sent to you. Scam Detector analyzes content for phishing indicators and scam signs so you can verify that they are authentic and safe.

Given how quickly smishing attacks evolve in 2026, it’s worth trying Moonlock with a 7-day free trial. You’ll instantly see which messages are legitimate and which ones are phishing attempts.

Screenshot of Moonlock, Moonlock Scam Detector scam

What to do if you’ve been scammed on PayPal

If you’ve been scammed, act quickly:

  • Report the transaction through PayPal.
  • Dispute the payment if possible.
  • Change your password and enable 2-factor authentication.
  • Do a quick scan of your device and remove any malware.
  • Watch out for any weird or suspicious activity in your account.

Can you get your money back?

In some cases, yes, especially if the transaction qualifies for PayPal protection and is reported quickly. However, not all scams are recoverable. The faster you are at reporting PayPal scams, the better the chances you’ll get your money back.

One of the ways we can help each other is to report these scams as they occur. PayPal and law enforcement authorities can better track and apprehend scammers if they know as much about cyberattacks as possible. Always report a PayPal scam if you become a victim.

Report a PayPal scam email

PayPal urges users to report email scams by forwarding any suspicious email messages to them at [email protected]. They will take it from there and contact you if they need more information. 

Report a fraudulent PayPal transaction

If you realize after the fact that someone has gained control of your account or convinced you to send them funds, you can report it to PayPal by following the steps below:

  1. Log on to PayPal.
  2. Visit the Resolution Center.
  3. Click Report a problem.
  4. Choose the payment you need to report and click Continue.
  5. Select the option “I want to report unauthorized activity.”
  6. Follow the rest of the steps to complete the process.

The company will investigate the matter. If they determine that fraud has occurred, they will contact you with the next steps.

Report a spoofed PayPal website

Just as with phishing emails, you can send an email to [email protected] to report a fraudulent PayPal website. Include the link to the spoofed website so PayPal can investigate. 

How to protect yourself from PayPal scams

When it comes to cybersecurity, sometimes the best defense is a good offense. Arm yourself with knowledge by learning how to avoid PayPal scams, and you won’t have to clean up the aftermath later. The following are some tips to prevent PayPal scams. 

Be cautious of suspicious emails

Always be on the lookout for fraud and scams. Take your time to read alarming emails, but don’t ever click any links. If you must visit a website, type the address into your browser.

Never pay a stranger

Unless you know a person, do not send them money online. And if a stranger contacts you demanding payment through PayPal, don’t do it. Odds are, you’ll never see that money again.

Always check email addresses

Anytime you receive a suspicious email, check the sender’s address. If something is clearly wrong, delete or report it. 

Stay alert

If you receive an alert informing you that you won a prize or offering you a great deal on something, thoroughly check it out before taking any action. Many of these “too good to be true” deals and prizes are scams. 

A screenshot of a "won a prize" PayPal scam.

Common sense goes a long way toward staying safe from fraud and theft, and PayPal scams are no exception. Hackers will stoop to any number of methods to try to trick you, so always be suspicious of messages you receive via email, text, or online notification. And always check things out thoroughly before making payments to anyone using PayPal. 

MoonLock Banner
Dawna Roberts

Dawna Roberts

Dawna has spent her entire career in web dev, cybersecurity, and IT. Her work has been featured on Forbes, Adobe, Airtable, Backblaze, Cyberleaf, Lifewire, and other online publications for the past ten years.
Promo Banner

You might also like

Reddit phishing header image
Reddit scams: Is Reddit safe, and what red flags should you watch for?
Jun 5, 2026
12 min read
McAfee scam emails: How fake ones work and how to spot them: Header image
McAfee scam emails: How fake ones work and how to spot them
Jun 5, 2026
8 min read
The 11 most common Snapchat scams and how to spot them right away: Header image.
The 11 most common Snapchat scams and how to spot them right away
Jun 5, 2026
8 min read