PayPal, a digital payment service that allows users to send and transfer money online, is one of the most popular payment gateways.
It boasts a vast global presence that includes an active user base of more than 350 million users. So dominant and popular is PayPal that the Wall Street Journal says if it were a real bank, it would be the 21st largest bank in the USA.
Unfortunately, this dominance has seen PayPal somewhat become a victim of its success.
According to Verizon's Data Breach Investigations Report, the primary motivation for cyber attackers is financial. This makes PayPal a hot and attractive target for cybercriminals seeking to steal user credentials, compromise their accounts, steal funds, and probably view their payment card data.
As millions of individuals and businesses turn to digital and online contactless payments like PayPal, they are involuntary targets for scammers trying to trick them into sending money or stealing their data. Cybercriminals are advancing and devising new scams daily.
The following are 5 of the most common ways PayPal scammers are likely to target you and how to avoid them.
- Phishing emails and websites
The most common scam used by hackers’ tricks PayPal users is phishing where they are lured to click on malicious links. Specifically, the attackers send you a phishing email resembling the official PayPal email warning of a problem with your account.
The email may also include like; 'details associated with your account are invalid,' 'your account is about to be suspended,' 'Verify your account or 'suspicious activity has been detected on your account and urgent action is required.'
The email then encourages you to click a link to check or review your details by creating urgency and panic. Should you fall for the trap and click, the link can either infect your device with malware or redirect you to a fake PayPal website set up to harvest your details once you enter them.
Unauthorized exposure of your sensitive information could lead to identity theft, fraudulent purchases, or bank fraud.
How to Avoid: Always look for accuracy in any email message you receive. Remember PayPal will never report a problem to you in any inaccurate manner or language. Also, be sure to watch out that the web addresses match the service's official address. Otherwise, it could be a scam.
- You're a prize winner
Often, scammers can send an email informing you that you've won a prize. However, to receive it, you need to pay a transaction fee. Incautious users may end up sending money only to realize they've been scammed.
How to Avoid: In the real sense, you can't win a prize for a competition you've never entered, which is a major red flag. Be aware! Legitimate prize competitions would never ask for advance payment so you can get your prize. Never send money to strangers.
- Advance payment fraud/ 419 scam
Like the prize-winning scam, you receive notifications informing you that you're a beneficiary of a certain amount of money. This could be an inheritance from a long-lost relative or some other compensation. PayPal scammers then go ahead and tell you to pay a small advance PayPal payment and presumably fill out a form with personal data to receive the money. Of course, it's a scam, and the scammer will cut contact upon payment. Any personal data disclosed is harvested and perhaps sold on the dark web or used to wipe out your accounts.
How to Avoid: Don't transfer money or disclose personal information to strangers. Pay close attention to all of the details and do not make decisions in a hurry.
- Social media promotions
With most people now spending time on social platforms, cybercriminals have also set camp there. Here, the scam often comes in the form of fake promotions, competitions, or shared social media posts with the ulterior motive of directing you to a phishing website where you will be requested to submit your details.
How to Avoid: Research and verify promotions and posts from the official PayPal site or social media page. Official pages are often denoted with a blue tick.
- Charitable donations and investments
In this case, scammers use disasters to send out fake invoices for various relief and charitable donations. Alternatively, they may trick you into 'get rich quickly' investments. Once you send the money, they disappear.
How to Avoid: Research and verify genuinely existing donations. Use the internet to check the reputation and authenticity of any charitable foundation or organization you consider sending money to.
PayPal's reputation as a brand is one of the safest online payment options. However, that does not mean PayPal is entirely risk-free from fraudulent activity. Regardless of PayPal's user security efforts and policies, security starts with you.
PayPal will never send you an email apart from paypal.com, make grammatical errors, use generic greetings or ask you to click on links or attachments. Users must therefore remain cautious of any of the red flags mentioned above.
Should you notice them, discontinue communication and report to PayPal immediately.