How to help protect your business from phishing and spoofing attempts.
It’s not always easy to spot a scammer, especially when they disguise themselves as a reputable brand.
When scammers make communications look, feel, and sound like the reputable organization they’re impersonating, it’s known as spoofing. Phishing is an attempt to gain access to your sensitive data via fake emails, websites, text messages, or voicemails. Here are a few things to watch out for, to help make sure you don’t fall for these types of scams.
1. Fake emails. One of the most common phishing scams involves sending an email that claims to be from a well-known company — like PayPal. The emails may ask you to:
Tip: Use caution if you get an unexpected payment notification via email. Always verify every payment notification by logging in to your PayPal account and locating the corresponding transaction. All transactions (even pending ones) sent by you, or to you, will show up in your transaction history.
2. Fake websites. A fake website usually works in tandem with a fake email. A link in the email takes you to a site that looks legitimate, and asks you for your password, credit or bank information and/or SSN. These are the red flags of a fake website:
3. Fake text messages. Fake text messages, also known as smishing, are when a cyber criminal is phishing using SMS. You receive an urgent text message with a fake phone number or URL that looks like this:
“Your PayPal account has been suspended due to suspicious activity. Please contact us immediately at 1-408-123-4567. It is imperative that we speak to you as soon as possible.”
If you call the number, you’re confirming you have a PayPal account, and the scammer will ask for your account information.
Scammers may also use a fake link instead of a phone number.
4. Fake voicemails. Fake voicemails, also known as vishing, are when a scammer uses an automated system to make voice calls. Typically, the calls mention an “urgent account problem” and ask you to share account information to remedy it. An example of a vishing attempt is:
“This is PayPal calling about a possible fraudulent transaction on your account. Please enter your PIN now to hear the transaction details.”
When you enter your PIN, the scammer gets the key they need to access your account.
Never provide any account information unless you initiated the phone call. Caller IDs are also easily tricked, so don’t rely on them to verify the call is authentic.
How to protect yourself from phishing and spoofing.
If you think you’ve clicked a bad link, close out of it immediately, run an antivirus check, and then change your password and security questions. Remember, it’s important you run an antivirus check first because you might’ve gotten malware from clicking the link, and the malware can still pick up your new password.
Then, contact your bank or card issuer and explain the situation. Make sure to review your transaction history over the next few weeks to ensure there are no unauthorized transactions on your account, and if there are, report them immediately.
Seems phishy?
If you receive an email that you believe could be phishing, don’t respond in any way and also don’t click any links or open any attachments. Instead, simply forward the email to spoof@paypal.com. In order to investigate the email just as you received it, we ask that you don’t change the subject line or send the suspicious email as an attachment. After forwarding to us, delete the email from your account so that there’s no further threat to you.
How do you know when the communication you’ve received is actually from PayPal?
Be assured that we will never send a request for information via email. Instead, we direct account holders to log in to their account and visit the Resolution Center. You know you’re working on the real PayPal site when the URL is https://www.paypal.com.
Additional tools.
In addition, to help prevent a cyber criminal from using phished information in a transaction with your business, the following tools are available through PayPal and other fraud management vendors:
No matter how vigilant you are, inevitably, you will let down your guard and be tempted to click an unsecure link. To help protect you while you browse (and take away some of the stress), there are several site safety rating tools1 available:
We want to help keep your information secure, and alerting us to possible scam attempts helps protect the PayPal community.
You can also access additional information on online security here or by reviewing our FAQs at the bottom of this page.
1. Fake emails. One of the most common phishing scams involves sending an email that claims to be from a well-known company — like PayPal. The emails may ask you to:
- Visit a fake or "spoof" website
- Call a fake customer service number
- Open attachments that install malicious software on your computer when opened or
- Open attachments you didn’t request
- Start with a generic greeting instead of your name
- Have poor grammar or many typos
- Create a sense of urgency or;
- Ask for personal information like credit or debit card numbers, bank account information, driver’s license number, passwords or your full name. PayPal will never ask for sensitive information in an email.
Tip: Use caution if you get an unexpected payment notification via email. Always verify every payment notification by logging in to your PayPal account and locating the corresponding transaction. All transactions (even pending ones) sent by you, or to you, will show up in your transaction history.
2. Fake websites. A fake website usually works in tandem with a fake email. A link in the email takes you to a site that looks legitimate, and asks you for your password, credit or bank information and/or SSN. These are the red flags of a fake website:
- The URL includes non-secure links. To know if it’s a secure link, check that the URL begins with ‘https’, like in this one: https://www.paypal.com/us. Also look for the "lock" symbol that appears in the address bar or the lower right-hand corner of your browser. This symbol indicates you’re on a secure site.
- The URL directs to a completely different website.
3. Fake text messages. Fake text messages, also known as smishing, are when a cyber criminal is phishing using SMS. You receive an urgent text message with a fake phone number or URL that looks like this:
“Your PayPal account has been suspended due to suspicious activity. Please contact us immediately at 1-408-123-4567. It is imperative that we speak to you as soon as possible.”
If you call the number, you’re confirming you have a PayPal account, and the scammer will ask for your account information.
Scammers may also use a fake link instead of a phone number.
4. Fake voicemails. Fake voicemails, also known as vishing, are when a scammer uses an automated system to make voice calls. Typically, the calls mention an “urgent account problem” and ask you to share account information to remedy it. An example of a vishing attempt is:
“This is PayPal calling about a possible fraudulent transaction on your account. Please enter your PIN now to hear the transaction details.”
When you enter your PIN, the scammer gets the key they need to access your account.
Never provide any account information unless you initiated the phone call. Caller IDs are also easily tricked, so don’t rely on them to verify the call is authentic.
How to protect yourself from phishing and spoofing.
If you think you’ve clicked a bad link, close out of it immediately, run an antivirus check, and then change your password and security questions. Remember, it’s important you run an antivirus check first because you might’ve gotten malware from clicking the link, and the malware can still pick up your new password.
Then, contact your bank or card issuer and explain the situation. Make sure to review your transaction history over the next few weeks to ensure there are no unauthorized transactions on your account, and if there are, report them immediately.
Seems phishy?
If you receive an email that you believe could be phishing, don’t respond in any way and also don’t click any links or open any attachments. Instead, simply forward the email to spoof@paypal.com. In order to investigate the email just as you received it, we ask that you don’t change the subject line or send the suspicious email as an attachment. After forwarding to us, delete the email from your account so that there’s no further threat to you.
How do you know when the communication you’ve received is actually from PayPal?
Be assured that we will never send a request for information via email. Instead, we direct account holders to log in to their account and visit the Resolution Center. You know you’re working on the real PayPal site when the URL is https://www.paypal.com.
Additional tools.
In addition, to help prevent a cyber criminal from using phished information in a transaction with your business, the following tools are available through PayPal and other fraud management vendors:
- Address Verification Service (AVS). Use AVS to verify if the billing address matches the one the card issuer has on file.
- Card Security Code (CSC). The CSC is the three- or four-digit number located on the back of the card that confirms the customer has the card in their possession.
- Bank Identification Number (BIN). The first six numbers listed on a card are known as the BIN and identify the financial institution that issued the card.
- IP geolocation. IP geolocation pinpoints the location of the computer used for the transaction; checking the geolocation details against the billing and shipping address your customer provided can flag possibly fraudulent transactions.
No matter how vigilant you are, inevitably, you will let down your guard and be tempted to click an unsecure link. To help protect you while you browse (and take away some of the stress), there are several site safety rating tools1 available:
- SiteAdvisor.com
- MyWOT.com
- Safeweb.Norton.com
We want to help keep your information secure, and alerting us to possible scam attempts helps protect the PayPal community.
You can also access additional information on online security here or by reviewing our FAQs at the bottom of this page.
1 These products aren’t affiliated with PayPal and may require additional costs.
Frequently asked questions.
You may receive an email falsely claiming to be from PayPal. Sending fake emails is called "phishing" because the sender is "fishing" for your personal information. The goal is to trick you in to giving up your personal, financial, or account information. Phishing emails may ask you to visit a fake or "spoof" website, or call a fake customer service number. These emails can also contain attachments that install malicious software on your computer when opened.
Keep in mind that receiving a fake email doesn't mean your account has been compromised. If you think an email is fake, don't open it. Don't reply to the email, click any links, or download any attachments. If you clicked on any links are or unsure, log in to your PayPal account and check your recent activity to make sure everything looks right.
It's also important to report the fake email or website to PayPal as soon as possible. That way, we can help protect you and other PayPal members. Forward any suspicious email to spoof@paypal.com then, delete the suspicious email.
When you aren't sure if you can trust an email claiming to be from PayPal, here are a few guidelines that can help you spot the real from the fake:
Impersonal, generic greetings are used; such as “Dear user” or “Dear [your email address]”.
Emails from PayPal will always address you by your first and last names or by your business name. We never say things like "Dear user" or "Hello PayPal member".
Ask you to click on links that take you to a fake website.
If there's a link in an email, always check it before you click. A link could look perfectly safe like www.paypal.com/SpecialOffers. Make sure to move your mouse over the link to see the true destination. If you aren’t certain, don’t click on the link. Just visiting a bad website could infect your machine.
Contain unknown attachments.
Don't ever open an attachment unless you're sure it's legitimate and safe. Be particularly cautious of invoices from companies and contractors you're not familiar with. Some attachments contain viruses that install themselves when opened.
Convey a false sense of urgency.
Phishing emails are often alarmist, warning that your account needs to be updated immediately. They're hoping you'll fall for their sense of urgency and ignore warning signs that it's fake.
If there is an urgent need for you to complete something on your account, you can find this information by logging in to your PayPal account.
The following are some common scams where fraudsters use spoofed emails. When in doubt, always log in to your PayPal account and view the Resolution Center for any notifications.
"Your account is about to be suspended."
Many fraudsters send spoofed emails warning that an account is about to be suspended, and that the account holder must enter their password in a (spoofed) webpage. PayPal will never ask you to enter your password unless you're on the login page. Report any suspect email by forwarding it to spoof@paypal.com.
"You've been paid."
Some fraudsters try to trick you in to thinking that you've received a payment for an order. They want what you're selling for free. Before you ship anything, log in to your PayPal account and check that you were actually paid.
"You have been paid too much."
Fraudsters may try to convince you that you've been paid more than you were owed. For example, a spoofed email says that you’ve been paid $500 for a camera you listed at $300. The sender asks you to ship the camera in addition to the extra $200 you were “paid” by mistake. The scammer wants your camera AND your money, but hasn’t actually paid you at all.
Simply log in to your PayPal account and check that you were paid before sending anything.
If you received an email seemingly from PayPal that states you’ve received money, check to make sure the email isn't fake. Some signs:
The email does not address you by your first and last name.
The email says the money is “on hold” until you complete an action (i.e., send money through Western Union or click a link to submit a tracking number). You can easily see if you received money by logging in to your PayPal account (do not click any links within the email). If you’ve been paid, you’ll see the payment in your account.
Here's a video on identifying suspicious emails:
Keep in mind that receiving a fake email doesn't mean your account has been compromised. If you think an email is fake, don't open it. Don't reply to the email, click any links, or download any attachments. If you clicked on any links are or unsure, log in to your PayPal account and check your recent activity to make sure everything looks right.
It's also important to report the fake email or website to PayPal as soon as possible. That way, we can help protect you and other PayPal members. Forward any suspicious email to spoof@paypal.com then, delete the suspicious email.
When you aren't sure if you can trust an email claiming to be from PayPal, here are a few guidelines that can help you spot the real from the fake:
Impersonal, generic greetings are used; such as “Dear user” or “Dear [your email address]”.
Emails from PayPal will always address you by your first and last names or by your business name. We never say things like "Dear user" or "Hello PayPal member".
Ask you to click on links that take you to a fake website.
If there's a link in an email, always check it before you click. A link could look perfectly safe like www.paypal.com/SpecialOffers. Make sure to move your mouse over the link to see the true destination. If you aren’t certain, don’t click on the link. Just visiting a bad website could infect your machine.
Contain unknown attachments.
Don't ever open an attachment unless you're sure it's legitimate and safe. Be particularly cautious of invoices from companies and contractors you're not familiar with. Some attachments contain viruses that install themselves when opened.
Convey a false sense of urgency.
Phishing emails are often alarmist, warning that your account needs to be updated immediately. They're hoping you'll fall for their sense of urgency and ignore warning signs that it's fake.
If there is an urgent need for you to complete something on your account, you can find this information by logging in to your PayPal account.
The following are some common scams where fraudsters use spoofed emails. When in doubt, always log in to your PayPal account and view the Resolution Center for any notifications.
"Your account is about to be suspended."
Many fraudsters send spoofed emails warning that an account is about to be suspended, and that the account holder must enter their password in a (spoofed) webpage. PayPal will never ask you to enter your password unless you're on the login page. Report any suspect email by forwarding it to spoof@paypal.com.
"You've been paid."
Some fraudsters try to trick you in to thinking that you've received a payment for an order. They want what you're selling for free. Before you ship anything, log in to your PayPal account and check that you were actually paid.
"You have been paid too much."
Fraudsters may try to convince you that you've been paid more than you were owed. For example, a spoofed email says that you’ve been paid $500 for a camera you listed at $300. The sender asks you to ship the camera in addition to the extra $200 you were “paid” by mistake. The scammer wants your camera AND your money, but hasn’t actually paid you at all.
Simply log in to your PayPal account and check that you were paid before sending anything.
If you received an email seemingly from PayPal that states you’ve received money, check to make sure the email isn't fake. Some signs:
The email does not address you by your first and last name.
The email says the money is “on hold” until you complete an action (i.e., send money through Western Union or click a link to submit a tracking number). You can easily see if you received money by logging in to your PayPal account (do not click any links within the email). If you’ve been paid, you’ll see the payment in your account.
Here's a video on identifying suspicious emails:
You may be receiving emails from us because a PayPal account has been registered with your email.
Someone may have mistakenly added it to their account when they signed up, either mistyping it or intentionally entering an email that wasn’t theirs.
Or it was recycled by a domain provider like Gmail, Hotmail, etc. If you have an email account and stop using it for a while, the domain provider can reissue the email address to the public and allow it to be used again by someone else.
If you find yourself in this situation, please call us on 1-888-221-1161 and we’ll help you sort it out.
How do I know the email is genuinely from PayPal and not a spoof email?
• Generic Greetings
Be wary of impersonal greetings like “Dear User”, or your email address. A legitimate PayPal email will always greet you by your first and last name.
• Typos/Poor Grammar
Emails sent by popular companies are almost always free of misspellings and grammatical errors.
• False Sense of Urgency
Many scam emails tell you that your account will be in jeopardy if something critical is not updated right away.
• Request for financial/personal information
We never send emails asking you for your bank account number, debit or credit card number or any personal details like your date of birth or social security number.
• Attachments
A real email from PayPal will never include attachments. You should never open an attachment unless you are 100% sure it’s legitimate, because they can contain spyware or viruses.
For more information about email phishing, check our Security page.
Someone may have mistakenly added it to their account when they signed up, either mistyping it or intentionally entering an email that wasn’t theirs.
Or it was recycled by a domain provider like Gmail, Hotmail, etc. If you have an email account and stop using it for a while, the domain provider can reissue the email address to the public and allow it to be used again by someone else.
If you find yourself in this situation, please call us on 1-888-221-1161 and we’ll help you sort it out.
How do I know the email is genuinely from PayPal and not a spoof email?
• Generic Greetings
Be wary of impersonal greetings like “Dear User”, or your email address. A legitimate PayPal email will always greet you by your first and last name.
• Typos/Poor Grammar
Emails sent by popular companies are almost always free of misspellings and grammatical errors.
• False Sense of Urgency
Many scam emails tell you that your account will be in jeopardy if something critical is not updated right away.
• Request for financial/personal information
We never send emails asking you for your bank account number, debit or credit card number or any personal details like your date of birth or social security number.
• Attachments
A real email from PayPal will never include attachments. You should never open an attachment unless you are 100% sure it’s legitimate, because they can contain spyware or viruses.
For more information about email phishing, check our Security page.
How to spot fake, fraudulent, spoof, or phishing emails
How do I report potential fraud, spoof or unauthorized transactions to PayPal?
How do I report a fake PayPal email or website?
How do I check the status of my spoof claim?
Scams on Craigslist and other classifieds websites
How to spot fake, fraudulent, spoof, or phishing emails
You may receive an email falsely claiming to be from PayPal. Sending fake emails is called "phishing" because the sender is "fishing" for your personal information. The goal is to trick you in to giving up your personal, financial, or account information. Phishing emails may ask you to visit a fake or "spoof" website, or call a fake customer service number. These emails can also contain attachments that install malicious software on your computer when opened.
Keep in mind that receiving a fake email doesn't mean your account has been compromised. If you think an email is fake, don't open it. Don't reply to the email, click any links, or download any attachments. If you clicked on any links are or unsure, log in to your PayPal account and check your recent activity to make sure everything looks right.
It's also important to report the fake email or website to PayPal as soon as possible. That way, we can help protect you and other PayPal members. Forward any suspicious email to spoof@paypal.com then, delete the suspicious email.
When you aren't sure if you can trust an email claiming to be from PayPal, here are a few guidelines that can help you spot the real from the fake:
Impersonal, generic greetings are used; such as “Dear user” or “Dear [your email address]”.
Emails from PayPal will always address you by your first and last names or by your business name. We never say things like "Dear user" or "Hello PayPal member".
Ask you to click on links that take you to a fake website.
If there's a link in an email, always check it before you click. A link could look perfectly safe like www.paypal.com/SpecialOffers. Make sure to move your mouse over the link to see the true destination. If you aren’t certain, don’t click on the link. Just visiting a bad website could infect your machine.
Contain unknown attachments.
Don't ever open an attachment unless you're sure it's legitimate and safe. Be particularly cautious of invoices from companies and contractors you're not familiar with. Some attachments contain viruses that install themselves when opened.
Convey a false sense of urgency.
Phishing emails are often alarmist, warning that your account needs to be updated immediately. They're hoping you'll fall for their sense of urgency and ignore warning signs that it's fake.
If there is an urgent need for you to complete something on your account, you can find this information by logging in to your PayPal account.
The following are some common scams where fraudsters use spoofed emails. When in doubt, always log in to your PayPal account and view the Resolution Center for any notifications.
"Your account is about to be suspended."
Many fraudsters send spoofed emails warning that an account is about to be suspended, and that the account holder must enter their password in a (spoofed) webpage. PayPal will never ask you to enter your password unless you're on the login page. Report any suspect email by forwarding it to spoof@paypal.com.
"You've been paid."
Some fraudsters try to trick you in to thinking that you've received a payment for an order. They want what you're selling for free. Before you ship anything, log in to your PayPal account and check that you were actually paid.
"You have been paid too much."
Fraudsters may try to convince you that you've been paid more than you were owed. For example, a spoofed email says that you’ve been paid $500 for a camera you listed at $300. The sender asks you to ship the camera in addition to the extra $200 you were “paid” by mistake. The scammer wants your camera AND your money, but hasn’t actually paid you at all.
Simply log in to your PayPal account and check that you were paid before sending anything.
If you received an email seemingly from PayPal that states you’ve received money, check to make sure the email isn't fake. Some signs:
How do I report potential fraud, spoof or unauthorized transactions to PayPal?
How do I report a fake PayPal email or website?
If you think you’ve received a suspicious email or have been directed to a fake website, forward it to spoof@paypal.com and we’ll investigate it for you. After you send us the email, delete it from your inbox. If you clicked on any links or downloaded any attachments within the suspicious email or website, log into your account and view your transactions. It’s also a good idea to change your password.
To report SPAM SMS messages, forward them to ‘7726’ (which is the keys for SPAM on most phones). Check with your service provider to find out if this service is supported or you can read more about the service on the GSMA website.
To view all your transactions and activity, log in to your PayPal account and check your recent activity. If you see any unauthorized transactions, go to the Resolution Center to report it.
Back to top
How do I check the status of my spoof claim?
Your account security is important to us. After filing a claim for unauthorized use of your PayPal account, please allow up to 10 business days for us to conduct an investigation. If the claim is decided in your favor, all unauthorized transactions and fees will be refunded to your account.
Here's how to check the status of your claim:
Back to top
Scams on Craigslist and other Classified Websites
Although most online transactions are safe, you should use caution when selling items on websites such as Craigslist. Unfortunately, some people using these websites make promises regarding payments through PayPal but do not follow through with the payment. Look for common warning signs that someone may be trying to scam you:
Please forward all suspicious emails to spoof@paypal.com.
Back to top
How do I report potential fraud, spoof or unauthorized transactions to PayPal?
How do I report a fake PayPal email or website?
How do I check the status of my spoof claim?
Scams on Craigslist and other classifieds websites
How to spot fake, fraudulent, spoof, or phishing emails
You may receive an email falsely claiming to be from PayPal. Sending fake emails is called "phishing" because the sender is "fishing" for your personal information. The goal is to trick you in to giving up your personal, financial, or account information. Phishing emails may ask you to visit a fake or "spoof" website, or call a fake customer service number. These emails can also contain attachments that install malicious software on your computer when opened.
Keep in mind that receiving a fake email doesn't mean your account has been compromised. If you think an email is fake, don't open it. Don't reply to the email, click any links, or download any attachments. If you clicked on any links are or unsure, log in to your PayPal account and check your recent activity to make sure everything looks right.
It's also important to report the fake email or website to PayPal as soon as possible. That way, we can help protect you and other PayPal members. Forward any suspicious email to spoof@paypal.com then, delete the suspicious email.
When you aren't sure if you can trust an email claiming to be from PayPal, here are a few guidelines that can help you spot the real from the fake:
Impersonal, generic greetings are used; such as “Dear user” or “Dear [your email address]”.
Emails from PayPal will always address you by your first and last names or by your business name. We never say things like "Dear user" or "Hello PayPal member".
Ask you to click on links that take you to a fake website.
If there's a link in an email, always check it before you click. A link could look perfectly safe like www.paypal.com/SpecialOffers. Make sure to move your mouse over the link to see the true destination. If you aren’t certain, don’t click on the link. Just visiting a bad website could infect your machine.
Contain unknown attachments.
Don't ever open an attachment unless you're sure it's legitimate and safe. Be particularly cautious of invoices from companies and contractors you're not familiar with. Some attachments contain viruses that install themselves when opened.
Convey a false sense of urgency.
Phishing emails are often alarmist, warning that your account needs to be updated immediately. They're hoping you'll fall for their sense of urgency and ignore warning signs that it's fake.
If there is an urgent need for you to complete something on your account, you can find this information by logging in to your PayPal account.
The following are some common scams where fraudsters use spoofed emails. When in doubt, always log in to your PayPal account and view the Resolution Center for any notifications.
"Your account is about to be suspended."
Many fraudsters send spoofed emails warning that an account is about to be suspended, and that the account holder must enter their password in a (spoofed) webpage. PayPal will never ask you to enter your password unless you're on the login page. Report any suspect email by forwarding it to spoof@paypal.com.
"You've been paid."
Some fraudsters try to trick you in to thinking that you've received a payment for an order. They want what you're selling for free. Before you ship anything, log in to your PayPal account and check that you were actually paid.
"You have been paid too much."
Fraudsters may try to convince you that you've been paid more than you were owed. For example, a spoofed email says that you’ve been paid $500 for a camera you listed at $300. The sender asks you to ship the camera in addition to the extra $200 you were “paid” by mistake. The scammer wants your camera AND your money, but hasn’t actually paid you at all.
Simply log in to your PayPal account and check that you were paid before sending anything.
If you received an email seemingly from PayPal that states you’ve received money, check to make sure the email isn't fake. Some signs:
- The email does not address you by your first and last name.
- The email says the money is “on hold” until you complete an action (i.e., send money through Western Union or click a link to submit a tracking number). You can easily see if you received money by logging in to your PayPal account (do not click any links within the email). If you’ve been paid, you’ll see the payment in your account.
How do I report potential fraud, spoof or unauthorized transactions to PayPal?
It’s extremely important to report any suspected instances of fraud. If you think your account has been compromised change your password and update your security questions right away to protect your account (we may limit what you can do on your account until you do so). Here are some types of fraudulent activity. Please follow the steps we’ve included below to report them:
- Unauthorized activity on your PayPal account
- Unauthorized transactions on your PayPal Debit MasterCard®
- Fake PayPal emails or spoof websites
- Items not received or a potential fraudulent seller
Unauthorized activity on your PayPal account
If you've received an email notification that something has been changed on your account, but you don't remember changing it, please change your password and security questions. Next, you can update any changed information, such as your email address, address, phone number, or other profile information.
If you notice a transaction that you didn’t authorize on your PayPal, bank or credit card statement, let us know right away through our Resolution Center. Some charges may appear unfamiliar but are legitimate and authorized, learn more.
- Go to the Resolution Center at the bottom of the page.
- Click Report a Problem.
- Select the transaction you want to dispute, and click Continue.
- Select “I want to report unauthorized activity.”
- Click Continue.
- Follow the instructions to finish opening your dispute.
If you can't log in to your PayPal account, follow the steps to reset your password.
Unauthorized transactions on your PayPal Debit Mastercard®
If the unauthorized transaction involves your PayPal Debit Mastercard:
- Go to the Resolution Center at the bottom of the page.
- Click Report a Problem.
- Select the transaction you want to dispute, and click Continue.
- Select “I want to report unauthorized activity.”
- Click Continue.
- Follow the instructions to finish opening your dispute.
Here's how to report your PayPal Business Debit Card lost or stolen.
- Click PayPal debit card under your PayPal balance.
- Click the card you want to report lost or stolen under "Manage my cards."
- Click Report this card lost or stolen card.
- Click Deactivate Now.
Fake PayPal emails or spoof websites
If your account is limited, we'll send you an email with the reason for the limitation. For your convenience, we always list the steps to remove the limitation in the Resolution Center under Steps to Remove Limitation.
If you received an email stating that your account is limited but don't see any steps in the Resolution Center, you may have received a fake email. Forward it to spoof@paypal.com and we’ll investigate it for you. After you send us the email, delete it from your inbox. If you clicked on any links or downloaded any attachments within the suspicious email or website, log in to your account and view your transactions. It’s also a good idea to change your password.
Items not received or a potential fraudulent seller
If you sent a payment but haven’t received what you paid for, or believe the seller to be fraudulent, you should visit our Resolution Center. We’ve developed several programs to help protect you, and opening a dispute is the first step to help get your problem resolved. Here’s how:
- Go to the Resolution Center.
- Click Report a Problem.
- Select the transaction you want to dispute.
- Click Continue.
- Select either I didn't receive an item I purchased or the item I received was significantly not as described or I want to report unauthorized activity, depending on the nature of your dispute.
- Click Continue.
- Follow the instructions to file your dispute.
How do I report a fake PayPal email or website?
If you think you’ve received a suspicious email or have been directed to a fake website, forward it to spoof@paypal.com and we’ll investigate it for you. After you send us the email, delete it from your inbox. If you clicked on any links or downloaded any attachments within the suspicious email or website, log into your account and view your transactions. It’s also a good idea to change your password.
To report SPAM SMS messages, forward them to ‘7726’ (which is the keys for SPAM on most phones). Check with your service provider to find out if this service is supported or you can read more about the service on the GSMA website.
To view all your transactions and activity, log in to your PayPal account and check your recent activity. If you see any unauthorized transactions, go to the Resolution Center to report it.
Back to top
How do I check the status of my spoof claim?
Your account security is important to us. After filing a claim for unauthorized use of your PayPal account, please allow up to 10 business days for us to conduct an investigation. If the claim is decided in your favor, all unauthorized transactions and fees will be refunded to your account.
Here's how to check the status of your claim:
- Go to the Resolution Center.
- Select Cases being reviewed by PayPal from the "View" menu, or select Closed cases (last 15 days) if your case has recently been closed.
- Click Details next to the claim.
Back to top
Scams on Craigslist and other Classified Websites
Although most online transactions are safe, you should use caution when selling items on websites such as Craigslist. Unfortunately, some people using these websites make promises regarding payments through PayPal but do not follow through with the payment. Look for common warning signs that someone may be trying to scam you:
- The buyer can’t meet in person because of a number of reasons (i.e., they are a soldier in Iraq, they are a marine biologist, etc.).
- The buyer requested you send the item to their “shipping agent.”
- The buyer offered you more money than you were asking.
- The buyer asked you to send money through Western Union or MoneyGram to the “shipping agent.”
- The buyer only sends you text messages and won’t speak to you on the phone.
- If you received an email seemingly from PayPal that states you received money, look for these signs to see if the email is a fake:
- The email does not address you by your first and last name
- The email says the money is on “hold” until you complete an action (i.e. send money through Western Union, or click a link to submit a tracking number).
- You can easily see if you received money by logging in to your PayPal account (do not click any links within the email). If you’ve been paid you’ll see the payment in your account.
Please forward all suspicious emails to spoof@paypal.com.
Back to top
PayPal approves transactions for the following AVS codes:
- Domestic transactions: A, W, X, Y, Z, B, D, P, M, F
- On international transactions PayPal will only deny: N, E