The dark side of PayPal and how to stay safe

Millions of people throughout the world use PayPal as a quick and easy way to pay for things online. However, no online service is perfect, and you should know the dangers to watch out for and how to keep your information safe.

 

What is PayPal?

PayPal is a digital payment platform that allows individuals and businesses to send and receive payments electronically. It is an online payment system that provides a secure and convenient way to transfer funds between parties without the need for cash or checks. PayPal can be used for a variety of transactions, including online shopping, peer-to-peer payments, and money transfers between individuals or businesses. It is available as both a website and a mobile app for iPhone and Android, making it easy to use virtually anywhere with an internet connection.

iPhone: 4.7 stars (at time of publishing)

Android: 4.2 stars (at time of publishing)

What are some dangers of PayPal?

PayPal is considered to be one of the safest ways to pay online, as all transactions are protected with advanced data encryption. However, being that it is such a large and successful company, it is a huge target for hackers to try to steal people’s money or personal information. The most common security threats that PayPal experiences come from phishing and identity fraud.

Phishing is where hackers impersonate legitimate organizations, such as PayPal, in an attempt to deceive you into providing sensitive information, such as login credentials or financial details. The scammers send phishing emails that appear to be from PayPal and contain links to malicious websites or attachments that may contain malware.

Identity fraud is another security threat that you may encounter if you use PayPal. Hackers may attempt to steal your personal information, such as your Social Security number or credit card details, in order to engage in fraudulent activities or make unauthorized transactions.

Common PayPal scams to look out for:

Phishing email or message scam

You receive a suspicious email or message that looks like it is from PayPal, or you are directed to a fake website that looks like the legitimate PayPal website.

Package rerouting scam

A buyer places an order and provides an incorrect or fake shipping address. The shipping company then tries to deliver the package yet isn’t able to deliver it. The buyer monitors the online tracking information and notices that the shipper couldn’t deliver the package. The buyer contacts your shipping company and asks them to send the package to their correct address. The shipping company delivers the package to the new location. The buyer then files a complaint about not receiving the item. Because the shipment was rerouted, you can’t prove the item was delivered to the address on the Transaction Details page. The buyer gets to keep the item and money. Because the package wasn’t delivered to the address on the Transaction Details page, you aren’t covered by Seller Protection. Unfortunately, you lost the product, shipping fees, and money. To add insult to injury, you might also have to pay your shipper an additional rerouting fee.

Invoice and money request scams

You receive an invoice or money request through PayPal for a product or service you never ordered. Or you receive a fake invoice or money request by email designed to look like a real PayPal email. Another scam is you receive an invoice or money request through PayPal, and the scammer has included an alarmist note. The note asks you to call their fake customer service number.

Overpayment scam

A customer sends a PayPal payment that is more than the purchase price of the order and then asks you to wire them the difference. They may tell you that they accidentally overpaid you, the extra money is for the shipping costs, they’re giving you a bonus for your great service, or the money is for the stress they’ve caused you. They may even ask you to wire the shipping fees to their shipper. This scammer may have paid with a stolen credit card, bank account number, or checking account. Just because a payment has been deposited into your account doesn’t mean the money is yours to keep. If the legitimate account holder reports unauthorized activity, the money can be withdrawn from your account. If that happens, you’ll lose the money you wired to the fraudster, the product you shipped, shipping costs, and your payment.

Shipping service scam

The buyer asks you to use their shipping account because they can get a discount, they have a preferred vendor they’ve worked with for years, or their shipping service is cheaper or more reliable. In another variation of the scam, the buyer may also ask you to wire the shipping fees to their preferred shipper. If you use the buyer’s shipping account, they can easily contact the shipping company and reroute the order to another address. The buyer can then open up a complaint asking for a refund because they didn’t receive their order. You aren’t able to prove that the buyer received their order, and you are out your product, the shipping costs, and your money. If they ask you to wire the money to a bogus shipping company, they can steal your money. After you have wired the money, you’ll find out that the order was made with a stolen card or bank account. You may be held liable for returning the funds to the legitimate customer whose account was stolen.

Prepaid shipping label scam

You receive an order from a customer who asks you to use their prepaid label to cover the shipping charges. (They may tell you that they can get their labels at a discounted price.) By providing the label, the customer controls the destination of the package. They may send it to another country, a PO box, or some other untraceable location. To be covered under PayPal’s Seller Protection policy, you are required to ship to the address on the Transaction Details page. The shipping label may also have been purchased with a stolen credit card.

How can I stay safe from these PayPal scams?

PayPal has put out numerous warnings to their customers to prevent them from getting scammed. Here are some top red flags that you should look out for.

  • Beware of generic greetings: if PayPal reaches out to you via email, they will always use your name to greet you at the beginning of the message. This is because they have a record of your account and can easily find your name. A scammer, however, might use something generic like “Dear Customer” or “Hello PayPal member.”
  • Watch out for bad grammar: many times, scammers will come from outside the country, and English is not always their first language. If you notice many grammar and spelling mistakes in a message, it is likely a scam.
  • Don’t open attachments: a real email from PayPal will never include an attachment or any kind of software. If you see an attachment, don’t open it, as it likely contains malware.
  • Look at the email address: look closely at the address of the sender. If you Google it and it’s an official email address, then it should come up right away. If it doesn’t, then it’s not really PayPal.
  • Requests for personal information: PayPal will never ask you for personal or sensitive information via email, text message, or phone.
  • Receive a suspicious invoice or money request: Don’t pay it. And don’t call any phone numbers stated in the invoice note or open suspicious URLs. Also, don’t ever wire money to someone you don’t know.

FOR MORE OF MY SECURITY TIPS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

MORE: VOICE CLONING IS THE NEW WEAPON IN SCAMMERS’ ARSENAL FOR FAMILY EMERGENCY SCHEMES

 

How to protect yourself from PayPal scams?

Choose “Goods and Services” as the payment option

If you’re using PayPal to transfer money to an unfamiliar person, such as purchasing items from online marketplaces like Craigslist, Letgo, or Facebook Marketplace, make sure to choose Goods and Services as the payment option. This will ensure that the transaction is protected by PayPal’s safeguard programs in case the seller turns out to be fraudulent.

Avoid using the “Friends and Family” payment option

It’s recommended to avoid using the Friends and Family payment option for transactions with strangers as it’s designed for transferring money between acquaintances or loved ones.

Use strong and unique passwords

Create strong passwords for your PayPal account and avoid using the same password for multiple online accounts. Consider using a password manager to securely store and generate complex passwords. It will help you to create unique and difficult-to-crack passwords that a hacker could never guess. Second, it also keeps track of all your passwords in one place and fills passwords in for you when you’re logging into an account so that you never have to remember them yourself.  The fewer passwords you remember, the less likely you will be to reuse them for your accounts.

One of the best password managers out there is 1Password. With no known security breaches or vulnerabilities, 1Password is a solid option as a paid password manager. It utilizes a well-designed interface, which features core components that are expected from premium, paid password managers. At the time of publishing, it starts at $2.99 a month, billed annually, for a total of $35.88/year, and you can save more with a family option which includes 5 family members for $60/year.

Get more details about my best expert-reviewed Password Managers of 2023 here.

Best Password Managers expert reviewed for 2023

Enable two-factor authentication (2FA)

Enable 2FA on your PayPal account for an additional layer of security. This typically requires providing a verification code in addition to your password when signing in.

Regularly monitor your account

Keep an eye on your PayPal transactions and account activity. Report any unauthorized or suspicious transactions to PayPal immediately.  You can also report a suspicious email or website by forwarding it to phishing@paypal.com

Keep your devices and software up to date

Ensure that your computer, smartphone, and other devices have the latest security updates installed. Use reputable antivirus software and keep it up to date as well.

Have good antivirus software on all your devices

Installing antivirus software will protect you from accidentally clicking malicious links from these PayPal scammers that would install malware onto your devices.  The software will also remove any existing malware from your devices. 

Special for CyberGuy Readers:  My #1 pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.  

Read more of my review here:

Best Antivirus Protection 2024

 

Kurt’s key takeaways

PayPal is definitely a convenient and secure way to make digital payments. However, you must be aware of potential dangers such as phishing and identity fraud. If you use the PayPal app or website, it’s important to recognize the number of red flags you should look out for. I recommend you use secure passwords, enable two-factor authentication, monitor account activity, and update your devices and software to help protect against scams and maintain security. I also recommended installing good antivirus software on all your devices to prevent malware attacks.

So, stay one step ahead of these cunning cyber criminals by taking these precautions to enjoy the seamless convenience of PayPal for your online payments.

Have you seen any suspicious activity claiming to be from PayPal lately? Let us know by commenting below.

FOR MORE OF MY TIPS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

 

Related:

 

Related posts

Turo rentals emerge as common thread in Las Vegas Cybertruck and New Orleans deadly incidents

Are data brokers endangering your retirement security?

China rolls out its crime-fighting ball to chase down criminals

13 comments

Michael A Druckenmiller Sr May 31, 2023 - 5:54 am
While reading this post I was never quite sure whether the seller or purchaser was the one at risk. It seemed that many of the risks were for those that sell using PayPal as their preferred payment processor. How can a seller ensure that the address is valid? They might get a clue from Google Maps and then zoom in on a satellite image. I mean if you check the address and it's on a wharf somewhere or a construction site and it's not going to a company or a ship... As a rule I do not check out any email from places I have not personally contacted. And, those that seem valid I use the known public contact not any phone number or link in any emails. I track my incoming packages and I have seen them misrouted. Sometimes they are gone forever. So far nothing from eBay but several from Amazon and they've promptly been refunded or reordered.
Add Comment