Home
  • Payments and Transfers
  • Disputes and Limitations
  • My Account
  • My Wallet
  • Login & Security
  • Seller Tools

How do I spot a fake, fraudulent, or phishing PayPal email or website?

If you receive a message and are unsure it's really from PayPal, check to see if it does any of the following:  

  • Uses impersonal, generic greetings, such as "Dear user" or "Dear [your email address]." Our emails will always address you by your first and last names or by your business name. We never say things like "Dear user" or "Hello PayPal member." 
  • Asks you to click on links that take you to a fake website. Always check links in an email before you click them. A link could look perfectly secure, like www.paypal.com/SpecialOffers. Move your mouse over the link to see the true destination. If you aren't sure, don't click on the link. 
  • Contains unknown attachments. Only open an attachment if you're sure it's legitimate and secure. Be particularly cautious of invoices from companies and contractors you're unfamiliar with. Some attachments contain viruses that install themselves when opened. 
  • Conveys a false sense of urgency. Phishing emails are often alarmist, warning you to update your account immediately. They hope you'll fall for their sense of urgency and ignore warning signs that the email is fake. If you need to complete something on your account, you can find this information by logging into PayPal.
  • The sender's email address changes when you click or move your mouse over the address. Check if the email comes from service@paypal.com.

The following are common scams where fraudsters use spoofed emails.

  • "Your account is about to be suspended." Many fraudsters send spoofed emails warning you that your account is about to be suspended. The email will ask you to enter your password on a (spoofed) webpage. We’ll only ask you to enter your password on our login page. Always log in to PayPal and view the Resolution Center for any notifications.
  • "You've received a payment." Some fraudsters try to trick you into thinking you've received a payment for an order. They want what you're selling for free. Before you ship anything, log in to PayPal and check that you actually received a payment. We'll never ask you to share a tracking number by email. If you received a payment, you’ll always see it in your PayPal activity.​ 
  • "You’ve been paid too much." Fraudsters may try to convince you that they overpaid for an item. For example, they’ll send an email that says they’ve paid you $500.00 USD for a camera you listed at $300.00 USD. The sender asks you to ship the camera in addition to the extra $200.00 USD you were “paid” by mistake. The fraudster wants your camera AND your payment but hasn’t actually paid you at all. Before sending anything, login to PayPal and check that you received a payment.

To report a suspicious email or website, forward it to phishing@paypal.com and we’ll investigate it for you. After you send us the email, delete it from your inbox.

To learn more about online safety, visit our Security Center

Was this article helpful?

More ways we can help

How are we doing?
Take our survey

If you accept cookies, we’ll use them to improve and customize your experience and enable our partners to show you personalized PayPal ads when you visit other sites. Manage cookies and learn more