How do I spot a fake, fraudulent, or phishing PayPal email or website?
If you receive a message and are unsure it’s really from PayPal, check to see if it does any of the following:
- Uses impersonal, generic greetings, such as “Dear user” or “Dear [your email address].” Our emails will always address you by your first and last names or by your business name. We never say things like "Dear user" or "Hello PayPal member.”
- Asks you to click on links that take you to a fake website. Always check links in an email before you click them. A link could look perfectly secure like www.paypal.com/SpecialOffers. Make sure to move your mouse over the link to see the true destination. If you aren’t certain, don’t click on the link.
- Contains unknown attachments. Only open an attachment if you're sure its legitimate and secure. Be particularly cautious of invoices from companies and contractors you're not familiar with. Some attachments contain viruses that install themselves when opened.
- Conveys a false sense of urgency. Phishing emails are often alarmist, warning you to update your account immediately. They're hoping you'll fall for their sense of urgency and ignore warning signs that the email is fake. If there’s an urgent need for you to complete something on your account, you can find this information by logging into PayPal.
The following are common scams where fraudsters use spoofed emails.
- "Your account is about to be suspended." Many fraudsters send spoofed emails warning you that your account is about to be suspended. The email will ask you to enter your password on a (spoofed) webpage. We’ll only ask you to enter your password on our login page. Always log in to PayPal and view the Resolution Center for any notifications.
- "You've received a payment." Some fraudsters try to trick you into thinking you've received a payment for an order. They want what you're selling for free. Before you ship anything, log in to PayPal and check that you actually received a payment. We'll never ask you to share a tracking number by email. If you received a payment, you’ll always see it in your PayPal activity.
- "You’ve been paid too much." Fraudsters may try to convince you that they overpaid for an item. For example, they’ll send an email that says they’ve paid you $500.00 USD for a camera you listed at $300.00 USD. The sender asks you to ship the camera in addition to the extra $200.00 USD you were “paid” by mistake. The fraudster wants your camera AND your payment but hasn’t actually paid you at all. Before sending anything, login to PayPal and check that you received a payment.
To report a suspicious email or website, forward it to email@example.com and we’ll investigate it for you. After you send us the email, delete it from your inbox.
To learn more about online safety, visit our Security Center.
Was this article helpful?