How Do Paypal Scams Work?

Paypal scams are your typical run-of-the-mill phishing campaigns. They are designed to gain access to a victims Paypal account, which usually stores bank account numbers, credit card information, and various forms of personal identification that can be useful when stealing someone’s money and even identity.

Paypal is designed to make purchasing products and services online much safer. You have all of your personal and financial information contained in one secure place and can use that account to pay for all of your online transactions. This way, the actual companies you deal with receive their money but never have access to your account information.

Of course, all of this information sitting there is very attractive to a scammer or identity theft who can use that information for their own gain. The easiest way for them to gain access to that information is through Paypal account holders directly.

Phishing websites are set up which look exactly like the original Paypal site. There will be slight variations in the exact URL of the site, but most victims never even notice this. Some notice, but only after sending through their personal information and it is too late.

Inside Look At Paypal Scams

This is how it works. A scam artist sets up a website that looks exactly like the real Paypal site with a very similar URL address. They then send out bogus emails to random people stating that their Paypal account needs to be updated or has other various types of problems. There is a link in the email that will lead to the phishing site, instead the legitimate www.paypal.com.

The victim is then directed to “verify” their personal information by signing into this fake site and then filling out their information. Once they send it through, it goes directly to the scammer instead of the real Paypal.

That Paypal account can then be accessed by the scammer, along with all of the personal and financial information located in the account. Before the victim realizes what happened, they are usually overdrawn in their bank accounts, their credit cards maxed out, and various other problems related to the compromise of their identity must be dealt with.

If you are a Paypal member, note that a legitimate email will always refer to you by name. A phishing email will use no name or a generic term without any real name attached. Also, go directly to www.paypal.com yourself instead of clicking a link in an email. You will find that there is no problem with your account when you do this. To read more information on "spotting a fake website" please read this article.

All of these phishing emails should be forwarded to spoof@paypal.com and then deleted. Never reply or click any of the links. Paypal will email you back stating that it was in fact a real or phishing email.