Common PayPal scams and how to avoid them

Online shopping is more popular than ever
-Credit: (Image: Reach Publishing Services Limited)


With Cyber Monday just around the corner and Christmas looming ever closer, many people may turn to the internet for their festive shopping this year. But the convenience of shopping from the comfort of your own home comes with its own unique potential risks that you would not find in your average high street shop.

Paypal, a company which operates as a payment processor for online vendors, is one of the most popular ways for people to pay for goods online. Like any online service which handles sensitive personal and financial data, this makes the platform a tempting target for scammers.

The most commonly seen scams are phishing emails disguised as official PayPal communications in order to steal users' login credentials or financial information. But there are a number of other less well-known traps people should be aware of, including:

  • Fake promotional offers such as cash rebates, discounts on future purchases, or online vouchers, linking to convincing but fraudulent websites set up to steal personal information.

  • Fake "order confirmation" emails claiming a user has made a large purchase that needs to be verified with their login details

  • The "Friends and Family" payment scam, which manipulates buyers into using PayPal’s “Friends and Family” payment option under the guise of securing a great Black Friday deal. This option does not offer buyer protection, making it an easy target for fraud.

  • Weak passwords or outdated security settings

Cybersecurity experts at e-commerce holding platform Hypernode has put together a list of practical tips for shoppers so they can stay safe online this holiday season. Milan Bosman, commercial director, said: “Black Friday has become a prime day, not just for bargain hunters, but for scammers too. Cybercriminals are increasingly taking advantage of the reduced vigilance that comes with the excitement of a great deal.

“With discounts now reaching record levels, distinguishing between genuine offers and scams has become harder than ever. By following these tips, shoppers can enjoy Black Friday without falling victim to fraud.”

Seven ways to protect against PayPal scams

1. Verify email senders and links

Always check the sender’s email address carefully to ensure it’s from PayPal’s official domain (@paypal.com). Fraudsters often use subtle variations. Avoid clicking links in unsolicited emails, instead, log in to PayPal directly through the official app or website to verify claims.

2. Avoid Friends and Family Payments for purchases

Only use the “Friends and Family” option for transferring money to people you know and trust. When buying goods or services, always use PayPal’s “Goods and Services” option, which offers buyer protection.

3. Be cautious of promotional offers

Be sceptical of deals that seem too good to be true. Stick to known retailers or verified PayPal promotions. Cross-reference links in promotional emails with official retailer websites to confirm their legitimacy.

4. Enable two-factor authentication (2FA)

Add an extra layer of security to your PayPal account by enabling 2FA. This requires a one-time code (sent to your phone or email) alongside your password, making it far harder for scammers to access your account.

5. Watch out for fake confirmations

If you receive an unexpected order confirmation email, don’t click any links. Log in directly to your PayPal account to check for suspicious transactions or contact PayPal’s support team for clarification.

6. Monitor your PayPal account

During busy shopping periods like Black Friday, turn on account notifications via the PayPal app or website. This way, you can quickly spot and act on any unusual activity.

7. Stick to trusted websites

Shop with reputable retailers and always check website URLs for errors or unusual endings (for example, .net instead of .com). Look for the padlock icon in the browser bar to confirm a site is secure.