Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown

How to spot PayPal phishing scams

PayPal phishing scams have been around for years and it seems that criminals are not going to stop any time soon. They can send you a fraudulent email, trying to convince you to click on a link. If you do, they could steal your money in minutes. How do PayPal phishing email scams work and how can you protect yourself? Is PayPal safe?

Karolis Bareckas

Karolis Bareckas

How to spot PayPal phishing scams

A vicious email scam

As you may already know, PayPal is one of the most widely used methods of sending payments online, usually for the purpose of purchasing goods and services online.

Since PayPal is connected to your bank account or card, it is a potential gold mine for hackers and other opportunistic entities. If they are able to trick you into giving them your sensitive information, they’ll be able to control your account and steal your money.

For this reason, there have been numerous PayPal phishing scams throughout the company’s history, such as this one, this one, this one, or this one.

One of the most typical scams is to send PayPal users an email claiming that somebody has changed their password from an unknown device and urge them to fix this as soon as possible. However, once you click on a link in the email, you’re being redirected to a fake PayPal website. If you type in your credentials, criminals will use them to compromise your account and even make payments.

How to avoid PayPal phishing scams

Look for spelling and grammar mistakes

This is an easy one, as any serious company would not send out emails with bad grammar and simple spelling mistakes. However, it is important to note that because people are usually alarmed by the possibility that their PayPal account has been compromised, they may not focus on spelling and grammar.

Look at the greeting

PayPal will always use the customer’s full name in the email. If you receive a generic address (“Dear User,” “Hello customer”) or nothing at all, it’s a dead giveaway that this is a fake email.

Don’t click on links

If you are still unsure of whether the email is real or not (for example, somehow the phisher had good grades in grammar and used your full name), don’t click on the link that will say “Log in,” “Resolve Now,” or some other variation. PayPal will never ask you to log in in order to confirm your existing account. Any sense of urgency should also raise your suspicion.

You can usually check the link quickly by putting your mouse over the button, but not clicking on it. The URL will show up at the bottom of the screen. If it says, don’t click on it. PayPal uses https, and you are about to become a phishing victim.

If you are still unsure, open a new tab and go to your PayPal account and check if there’s no notification, then you know that the email was another phishing attempt.

How do I report a fake PayPal email or website?

After you’ve determined that the suspicious email is fake, you can either delete it from your email account or pass it on to PayPal. Just go to PayPal’s resolution center or forward the email to They will now be able to warn users and enact other measures to shut down that particular phishing scam. Not only will you have avoided being a phishing victim, but now you’ll be able to assist others in not falling victim to the same ploy.

How to enhance your security

If you want to take security into your own hands, look no further than a VPN. It encrypts your traffic and masks your IP address, providing you with genuine privacy while browsing online. Having a VPN enabled on your device is vital when connecting to public networks. Hackers can set fake hotspots and then monitor what you do online, intercept your passwords, and even make fake PayPal payments.

NordVPN has an extensive server network and useful safety features, and provides users with powerful encryption. With one NordVPN account, you can protect up to six different devices, including tablets, laptops, routers, smart TVs, and smartphones.

When it comes to digital security, it’s better to be proactive, rather than waiting for an incident to happen.

Karolis Bareckas
Karolis Bareckas Karolis Bareckas
Karolis is a tech geek who writes about cybersecurity, online privacy, and the latest gadgets. When not rattling his keyboard, he’s always eager to try a new burrito recipe or explore a new camping spot.