Your security is our top priority.

We help protect you when you buy and sell online but there are some things you should know and do to help keep you, your information and your money safer.

Watch out for hoaxes, phishing and scams.

Online hoaxes are getting more sophisticated, making it tough to know whether an email, SMS or website is real. It’s important you learn how to spot the fakes so you stay safer online.

Hoax websites.

Hoax websites often look like the real thing.

  • When logging in to banking, shopping or email sites, always look for “https” at the beginning of the URL – the “s” stands for secure
  • Check for the padlock symbol in your browser’s address bar
  • Make sure the URL is genuine. Phishers often create fake websites with URLs similar to the real one
  • Enter site URLs straight into your browser’s address bar. Don’t rely on links in emails as they could be fake



Phishing emails.

The people behind phishing emails are experts in manipulation. Look out for:

  • Generic greetings, like “Dear user”
  • False links. Hover over a link or tap and hold it on a mobile device to see its destination
  • Wrong, out of date or out of place logos or design
  • Upsetting or urgent statements demanding you react immediately
  • Bad spelling and grammar
  • Requests for financial or personal information

  • Think you’ve received a phishing email? Forward it to phishing@paypal.com.au

Scams.

Scammers try to trick you into giving them money. Look out for:

  • Offers to pay more than usual for an item
  • Requests to use a buyer’s shipping company
  • Amazing, too good to be true offers
  • The promise of money in return for a favour
  • A promise to donate to charity if you contact them
  • Notifications of lottery wins
  • Unsolicited job offers


  • Also beware of unexpected emails, Facebook or other online messages from a friend asking for money. Their account may have been hacked.
    See examples of scam and phishing emails

Be cautious when communicating with others through direct messaging as scammers may attempt to trick you into providing personal information. PayPal users should never share sensitive personal or financial information, for example:

Bank Account Numbers, including last four digits

Credit Card Number and CVV/CVV2/PINs

Passwords/PINs

Credit Data or Credit Score

Tax File Number

Account Balance, Credit Balance of any PayPal account or service

Government Issued ID information, for example: Passport, Driver Licence

Home address, date of birth, or personal family information

Create safer passwords and PINs.

  • Make sure your password is at least 8 characters long and includes a mix of upper and lowercase letters, numbers and symbols
  • Don’t use “password”, everyday words, your name, postcode, car registration number or any other easily guessed password or PIN
  • Keep login, password and PIN details private; memorise them immediately and never write them down, don’t tell anyone what they are (not even family or friends), and don’t let anyone else see you entering them
  • Change your password and PIN regularly and don’t use the same one on multiple sites
  • Don’t let your browser save passwords or PINs for you
  • Contact us immediately if you have forgotten a password or PIN, or if you suspect someone else is using them
It’s important you protect your password and PIN details as you could be liable for an unauthorised transaction if you voluntarily reveal your password or PIN to anyone else or fail to protect it. Your liability for losses from an unauthorised transaction is limited by the ePayments Code.
Learn more about your liability for unauthorised transactions

Shop safely online.

  • Only buy from reputable websites and online retailers
  • Double check all details of your purchase before confirming payment
  • Always log out of sites you’ve registered details with; closing the browser is not enough
  • Check your bank and credit card statements carefully
  • Make sure you have the latest antivirus software protecting your computer

Sell safely.

  • Always make sure the funds are in your PayPal account before shipping the item
  • Don’t include personal information when describing items for sale
  • Make sure no personal details can be seen in the background of photographs of items you’re selling, e.g. house number or car number plates
  • Consider setting up a separate email address for sales and customer service so your personal email account remains private
  • If offering an item for pick up or personal delivery, don’t go alone and try to meet in a public place
Learn how to reduce your exposure to fraud

Security on the move.

Smartphones and tablets need to be protected, just like your computer.

  • Use a PIN or password to lock access to your device and ensure it locks automatically when not in use
  • Turn on automatic updates for software and apps
  • When installing new apps, review permissions and decide whether you’re comfortable granting the access being asked for
  • Check your mobile bill for unusual charges
  • Enable “Find My Device” so you can recover it or delete its content remotely if it’s lost or stolen

How PayPal protects you.

We use the latest security technology to help protect you from online fraud.

  • We authenticate outgoing emails with DMARC technology. Participating email providers mark unauthenticated emails as hoaxes and send them to your spam folder or restrict their delivery to you.
  • We have staff dedicated to answering your phishing email queries, identifying unauthorised transactions and working with local authorities to help stop scammers.
  • When you communicate with us online, your data is encrypted.

Questions and answers

I’ve received a request for information. How do I know it’s really from PayPal?

Sometimes we need to ask for more information about you, your business or some of your transactions. If we do this, we’ll always ask you to log in to your account to provide more information via the Resolution Centre. Remember, don’t click on a link to provide personal or financial information – always visit our site by typing www.paypal.com.au into your browser’s address bar