How often do you open your inbox and see a variety of emails coming from PayPal? Chances are you have seen many over the years, even if you don't have an account with the website. Chances also are that many of these emails are phishing attempts. Cybercriminals routinely target their victims by email in this way, and phishing emails are an unfortunate reality of the digital world.

Cybercriminals routinely use this technique to scam people, with the intent to defraud them through financial or identity theft. This type of cybercriminal, often referred to as the phisherman, will attempt to solicit information by asking direct questions in an email or by providing a link for the recipient to click.

[Image: PayPal sign on a building. Credit: Steve Ganz via Flickr/CC BY 2.0]

PayPal is a frequent target for scammers to impersonate in attempts to trick people into giving up valuable information so they can commit fraud.

Scammers Love to Spoof PayPal

Fake websites are often created to impersonate real businesses. They generally spoof banks, companies, non-profits or other types of organizations as a means to gain a recipient's trust and trick them into falling for the scheme. PayPal is one business that is frequently impersonated by phishermen because the company has a large user base and, as an additional attraction for the scammers, happens to deal in money.

[Image: PayPal scam email screenshot. Credit: Saidul A Shaari via Flickr/CC BY 2.0]

This is a photo posted to Flickr that highlights a scam email. Notice that the sender address from the "PayPal" service has two L's, as the person who took this screenshot points out. This is a clear sign that an email is fraudulent: a company is not going to misspell its own name. Another huge red flag is an email that comes from a Gmail, Yahoo, Microsoft Live or any other consumer webmail address rather than the company's own domain.

Size and money are the two features that appeal to the phisherman. The larger the user base, the better the statistical chance that a person who receives a spoof email is actually a customer who might fall for the trick. The fact that the company deals in money makes it convenient for a thief to use one stolen login to reach other personal and financial information.

Why You Should Be Careful Clicking Links in Any Email from PayPal

Due to the risks involved, it is a good idea never to click on any hyperlinks included in an email from PayPal (or any email, really). While the company does send out legitimate emails on a regular basis, you can never be too safe. A better option is to bookmark PayPal's homepage and work from there to correspond with the company. Check the context of the email and then see whether it contains any of the red flags that tend to be found in fraudulent emails:

  • Typos are a big warning sign; PayPal sends out professionally worded emails.
  • Does the URL or return email address look weird? If so, it's a fake. Keep in mind that spoofers are sometimes very clever, so even an email that looks normal could still be fraudulent.
  • If it asks for sensitive information (e.g. credit card or Social Security numbers), it is not coming from PayPal.
  • PayPal addresses its customers by name. If a generic greeting ("Dear Customer", "Dear Client") is in the email, it's a scam.
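The red flags above, turned into a small screening script. This is an added example and not part of the original article; the trusted-domain list, the webmail list and the two sample messages are constructed for illustration, and paypal.com is assumed to be the only legitimate sender domain.

```python
import re
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed lists for this example; paypal.com is assumed to be the only legitimate sender domain.
LEGIT_DOMAINS = {"paypal.com"}
WEBMAIL_DOMAINS = {"gmail.com", "yahoo.com", "live.com", "outlook.com", "hotmail.com"}
GENERIC_GREETINGS = ("dear customer", "dear client", "dear user", "dear member")
SENSITIVE_TERMS = ("credit card", "social security", "password")

def sender_domain(from_header):
    """Lower-cased domain of the address in a From: header ('' if none)."""
    _, addr = parseaddr(from_header)
    return addr.rsplit("@", 1)[1].lower() if "@" in addr else ""

def is_paypal_host(host):
    """True only for paypal.com itself or a subdomain of it."""
    return host == "paypal.com" or host.endswith(".paypal.com")

def check_email(from_header, body, links):
    """Return the list of red flags found; an empty list means none triggered."""
    flags = []
    dom = sender_domain(from_header)
    if dom in WEBMAIL_DOMAINS:
        flags.append("sender uses a webmail domain: " + dom)
    elif not is_paypal_host(dom):
        flags.append("sender domain is not paypal.com: " + dom)
        # Lookalikes such as 'paypall.com' contain the brand name but are not the real domain.
        if re.search(r"paypa+l", dom):
            flags.append("lookalike sender domain: " + dom)
    text = body.lower()
    if any(g in text for g in GENERIC_GREETINGS):
        flags.append("generic greeting instead of the customer's name")
    if any(t in text for t in SENSITIVE_TERMS):
        flags.append("asks for sensitive information")
    for url in links:
        host = (urlparse(url).hostname or "").lower()
        if not is_paypal_host(host):
            flags.append("link points outside paypal.com: " + host)
    return flags

# Constructed sample messages (not real mail).
PHISH = ("PayPal Service <service@paypall.com>",
         "Dear Customer, please confirm your credit card to keep your account open.",
         ["http://paypal.com.account-verify.example/login"])
LEGIT = ("service@paypal.com",
         "Hello Jane Doe, your payment to Example Store is complete.",
         ["https://www.paypal.com/myaccount/transactions"])

if __name__ == "__main__":
    for name, msg in (("phish", PHISH), ("legit", LEGIT)):
        print(name, check_email(*msg))
```

These are surface checks only: the From: header itself can be forged, so mail-server authentication (SPF, DKIM and DMARC results) remains the authoritative test of who really sent a message.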

Recipients who click on a link in a PayPal email risk being taken to a rogue website if the email turns out to be fake. A link that leads to a spoofed website may a) force a malware download or b) present a fake PayPal web page that asks for sensitive information which, when submitted, goes straight to the phisherman, not to PayPal.

[Image: PayPal scam warning screenshot. Credit: Richard Smith via Flickr/CC BY 2.0]

I found this image on Flickr, which shows a Gmail warning from Google that the links contained in the email may be phishing ones. Scammers are sometimes savvy with the email addresses they create, which can sound pretty official. I'm not clear whether the above email is a legitimate PayPal address or not; it's always best to check with the company to see if the return address is real.

What to Do If You Receive a Phishing Email

PayPal informs its customers that if they do happen to click on a link that they believe leads to a spoof of the real company website, they should not enter any information. Instead, PayPal asks its customers to copy and paste the site's URL and report it to the company.

Additionally, it is a good idea to forward the email containing the bad link to PayPal so that they can assess it and let you know whether the email was fraudulent. PayPal asks that you do not alter the original subject line and do not send the email as an attachment; simply hit the forward button and send it to them. Once you have successfully forwarded the email, PayPal recommends you delete it from your account.

In 2011, Sophos, a UK-based security company, reported on a scam that was spammed out to Internet users asking them whether or not their email address had changed. The email included an attachment that led to an HTML form, spoofed of course.

PayPal is also one of the most phished brands on the Internet, according to a Sophos report in 2011. Since that time there have been a number of new scams targeting the brand, each designed to trick users into thinking there is a problem with their account, or built around seemingly harmless and ordinary requests such as confirming an email address.
