{"id":17407,"date":"2020-09-23T23:57:36","date_gmt":"2020-09-23T19:57:36","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/paypal-most-relevant-threats\/17407\/"},"modified":"2020-09-23T23:57:36","modified_gmt":"2020-09-23T19:57:36","slug":"paypal-most-relevant-threats","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/paypal-most-relevant-threats\/17407\/","title":{"rendered":"How PayPal users get scammed"},"content":{"rendered":"

You know how to use PayPal safely<\/a>, but every day, scammers come up with new tricks to gain access to users\u2019 accounts and empty their pockets digitally. Today we\u2019re sharing some of fraudsters\u2019 most popular schemes.<\/p>\n

Advance payment fraud<\/h2>\n

It\u2019s not unusual for online scammers to use so-called advance payment fraud<\/em>, a classic Internet scam, to defraud PayPal users. Victims receive notifications that they are owed a certain amount of money \u2014 could be an inheritance, winning the lottery, or some other compensation.<\/p>\n

The options are limitless, but whatever the story, the victim has to make a small advance payment (in this case, using PayPal), and maybe fill out a form with personal data, to receive the money. Of course, the message sender disappears upon payment, and any personal data disclosed ends up in a database and perhaps sold on the dark web.<\/p>\n

How to avoid this scam:<\/strong> Do not transfer money or disclose information about yourself to strangers. Most of these messages have plenty of red flags: absurdly generous winnings or compensation, grammatical errors, a sender\u2019s address that seems more appropriate for a robot than a living person, and so on. Pay close attention to all of the details and do not make decisions in a hurry.<\/p>\n

PayPal account problems<\/h2>\n

Scam number two: Houston, we have a problem. This scam begins with an e-mail that claims to come from PayPal and says something is wrong with the recipient\u2019s account. But don\u2019t worry, the problem can be fixed \u2014 just click on this link and log in.<\/p>\n

Now wait a moment. That sounds a lot like phishing!<\/p>\n

In 99% of cases, the link leads to a page that looks more or less like the real PayPal site, although on a slightly different domain. Log in from there and both username and password go straight to the scammers.<\/p>\n

In especially severe cases, fixing the alleged account problem may require installation of a program \u201cto help restore access.\u201d In fact, it will be a Trojan<\/a>.<\/p>\n

How to avoid the scam:<\/strong> Again, look for errors in the message and Web addresses that do not match the service\u2019s official address, and always remember that PayPal will never report a problem to you using that kind of wording in an e-mail.<\/p>\n

By the way, you can check whether a website is real or a phishing site using our OpenTip<\/a> service. Even easier, install a security solution that protects you against phishing and online fraud<\/a>\u00a0\u2014 it will recognize dangerous Web pages automatically and block them, even when you\u2019re rushed or distracted.<\/p>\n

These days, scammers spread phishing links not only by e-mail, but also on social media. For example, someone might set up a Twitter account with a name like PayPalGifts and use it to target gullible users. It won\u2019t last long, of course, but while the account is up it can reap quite a harvest of user credentials.<\/p>\n\n

Overpayment refund scams<\/h2>\n

Let\u2019s now turn to some ways scammers entice people to give them money almost entirely of their own free will. Among the most common scams in this category are overpayment scams<\/a>, in which a buyer sends a seller payment, but for some reason they send more than the sales price. The buyer claims it is a mistake, and asks for a refund of the difference, but immediately on receipt the buyer cancels the original transaction.<\/p>\n

How to avoid the scam:<\/strong> Accidents happen, of course, but in most cases overpayment is implausible, and it should always be a red flag. In the event of a real error, it is safer for both parties to cancel the erroneous transaction and allow the payer to start fresh, resending the correct amount and carefully checking every one, zero, and decimal point. If they refuse, contact PayPal support right away.<\/p>\n

Fraud involving delivery and payment cancellation<\/h2>\n

Another common scam concerns delivery. Sometimes fraudsters pretending to be buyers ask a seller to send goods using the buyer\u2019s favorite delivery service, which supposedly offers them a discount. The crooks change the delivery address and then file a complaint, saying the goods were never delivered.<\/p>\n

Another potential outcome is that the delivery company turns out to be a front, allowing a dishonest buyer to get their money back using existing legitimate mechanisms for goods sent in good faith.<\/p>\n

Finally, this kind of scam may be perpetrated through address substitution: The buyer provides a fake address, and after several unsuccessful delivery attempts the company asks them where their purchase should be delivered. That way, they receive the package but nevertheless file a complaint against the seller claiming that they didn\u2019t receive anything. Given the numerous reports of unsuccessful delivery, PayPal may believe the fraudster.<\/p>\n

How to avoid the scam:<\/strong> Use only delivery services verified by you personally or by people you trust. Never send anything before receiving payment, and be sure to keep all receipts.<\/p>\n

\u201cCreative\u201d payment schemes<\/h2>\n

Honest people can also be cheated using murky payment schemes. For example, PayPal has a money transfer option with reduced rates for family and friends. Sometimes scammers request a money transfer that way so as to save on commissions, and they promise a discount in return.<\/p>\n

According to the rules of the platform, however, this method is not supposed to be used to pay for goods, and no customer protection program applies to such transfers. Anyone who sends a \u201cfriends and family\u201d payment to a scammer can kiss the money \u2014 and the goods \u2014 goodbye.<\/p>\n

Scams of this ilk also include offers to transfer money using alternative means that are supposedly more convenient, or cheaper, or for any other reason considered better by the seller. In general, if the other party insists on something like this, or starts spinning tales, or tries to create urgency (last chance to make a deal, in an hour\u2019s time I\u2019m flying to Alaska to live off the grid for the next 20 years), there\u2019s probably something fishy going on.<\/p>\n

How to avoid the scam:<\/strong> Ignore requests to use alternative payment methods. PayPal has very good protection programs for both sellers and buyers, but they work only for standard transfers made over the platform.<\/p>\n

Charitable-contribution and investment scams<\/h2>\n

There is a special circle of hell for people who send out fake solicitations for charitable donations. It is not uncommon for such people to accept \u201cdonations\u201d or \u201ccontributions\u201d through PayPal. Canceling the payment is no help if the fraudsters claim the received funds promptly (which they will probably do), so you need to check that everything is legit in advance<\/em>.<\/p>\n

Be especially attentive to requests for a charitable donation during natural disasters and other force majeure events \u2014 rest assured, crooks will always be there to cash in on the misfortune of others.<\/p>\n

\u201cProfitable opportunities,\u201d aka investment opportunities, can arise at any time. The scams are similar to those involving fake charities, but they are often characterized by promises of fabulous profits without any special risks. Of course, life doesn\u2019t actually work that way.<\/p>\n

How to avoid the scam: <\/strong>Research and verify interesting offers. Check the reputation of every charitable foundation (or investment company) you consider sending money to. It is best if you have acquaintances or friends who have worked with the concern and can vouch for its legitimacy, but regardless, you can verify charities on the Internet using services such as Charity Navigator<\/a>, the Better Business Bureau<\/a>, and Charity Watch<\/a>.<\/p>\n

How to avoid trouble on PayPal<\/h2>\n

Let\u2019s summarize and outline some general tips to help you protect yourself against the majority of attempts at deception, account hijacking, and other such unpleasantness:<\/p>\n

    \n
  • Look for red flags in messages: grammatical mistakes, attempts to incite a sense of urgency or danger, e-mail addresses and links that differ from the official ones (even if just by one letter);<\/li>\n
  • Don\u2019t trust messages unconditionally; check any potential issues through your personal account on the website or in the PayPal app (especially important when it comes to messages confirming the crediting of funds);<\/li>\n
  • Never use an unfamiliar delivery service, and ship to the address indicated on the transaction page, no other.<\/li>\n
  • Avoid the alternative money transfer methods fraudsters propose; PayPal\u2019s protection programs do not cover them.<\/li>\n
  • Don\u2019t trust an offer that seems too good to be true; it probably isn\u2019t;<\/li>\n
  • Do not give out personal information to the other party beyond what is necessary for the transaction. In particular, never share your password;<\/li>\n
  • Do not download additional software or any other suspicious files sent to you by e-mail. PayPal does not do that.<\/li>\n<\/ul>\n\n","protected":false},"excerpt":{"rendered":"

    The most common ways PayPal users are cheated out of their money through spam, phishing, and various kinds of fraud on the platform.<\/p>\n","protected":false},"author":2548,"featured_media":17408,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1486],"tags":[2355,80,104,76,240,521],"class_list":{"0":"post-17407","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"tag-deception","9":"tag-fraud","10":"tag-paypal","11":"tag-phishing","12":"tag-spam","13":"tag-threats"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/paypal-most-relevant-threats\/17407\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/paypal-most-relevant-threats\/21931\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/paypal-most-relevant-threats\/8621\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/paypal-most-relevant-threats\/23352\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/paypal-most-relevant-threats\/21547\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/paypal-most-relevant-threats\/20163\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/paypal-most-relevant-threats\/23928\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/paypal-most-relevant-threats\/22908\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/paypal-most-relevant-threats\/29132\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/paypal-most-relevant-threats\/37159\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/paypal-most-relevant-threats\/15721\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/paypal-most-relevant-threats\/16141\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/paypal-most-relevant-threats\/13999\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/paypal-most-relevant-threats\/25235\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/paypal-most-relevant-threats\/29290\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/paypal-most-relevant-threats\/26134\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/paypal-most-relevant-threats\/22908\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/paypal-most-relevant-threats\/28225\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/paypal-most-relevant-threats\/28058\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/paypal\/","name":"paypal"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/17407","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/2548"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=17407"}],"version-history":[{"count":0,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/17407\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/17408"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=17407"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=17407"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=17407"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}