PayPal scam emails claiming to be from the ‘billing department of PayPal’ are falsely telling people that their accounts have been ‘illegally accessed’.
Email scams are constantly changing tactics in order to convince their targets that they’re genuinely from the brand they say they are. One of these tactics is the spoofing of email addresses, which can trick the recipient into thinking an email has been sent by a certain email address when in reality the fraudsters have used a loophole to make it appear that way.
When emails are spoofed, many servers realise that they have failed authentication checks and send them directly to spam/junk folders as a result.
But in this case, scammers have found a way to send their phishing attempts to look like they come directly from PayPal, spoofing its official domain, meaning they’ll arrive in your inbox looking like extremely convincing genuine emails.
PayPal scam emails – what you need to know
What do the ‘billing department of PayPal’ emails look like?
Here are examples of the emails sent to members of the public:
The emails claim your account ‘may have been illegally accessed’ and go on to say that an amount of money has been ‘deducted from your account’ in order to cover the costs of gift cards.
In these cases, the ‘gift cards’ in question are stated as ASDA and John Lewis, but a variety of other brands, such as UK supermarkets and other well-known retailers, have also been used in attempts to appear convincing.
Why does it look like these emails were sent by PayPal?
In these cases, the scammers appear to have used PayPal to send fake invoices to an unknown number of email addresses. They appear to have named their own account ‘Billing department of PayPal’ in order to try to make themselves appear as the brand within the email.
The PayPal invoice facility generates an ‘estimate’ and allows users to add a note to the recipient. It’s within this note that the scam takes place.
How does the scam work?
The ‘notes’ that the scammers have written attempt to panic you into believing your PayPal account has been compromised, money has been lost and that you must take action immediately in order to rectify the situation.
Panic is a common tactic of scammers, who hope you’ll take action before taking a moment to assess whether a communication is genuine.
But because this email has been generated via PayPal’s systems, the scammers need to direct you away from PayPal. They are relying on you taking action on the following statement:
“If you think you did not make this transaction, call us right away”
They then provide a phone number that has nothing to do with PayPal. A Google search of these numbers reveals a large number of reports of bank transfers and PayPal scams.
If you call these numbers, it’s likely that you will be put in touch directly with the scammers, who will go on to attempt to extort your bank/card information.
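The pattern described above, as an added example that is not part of the original article: a Python check that treats a passing authentication result as proof of the sending platform only, and still flags a seller note that combines urgency wording with a callback phone number. The sample message, the `mx.recipient.example` authserv-id, the sender address and the phone number are constructed placeholders.

```python
import re
from email import message_from_string

# Phrases quoted or described in the article's scam notes.
URGENCY = ("illegally accessed", "deducted from your account",
           "call us right away", "gift card")
PHONE = re.compile(r"\+?\d[\d ().-]{8,}\d")

def dmarc_pass_for(msg, domain, authserv_id):
    """True if our own mail server recorded dmarc=pass for `domain`.
    Only headers stamped with our authserv-id count; others may be forged."""
    aligned = re.compile(rf"header\.from={re.escape(domain)}(?![\w.-])")
    for value in msg.get_all("Authentication-Results", []):
        v = " ".join(value.lower().split())
        if v.startswith(authserv_id + ";") and "dmarc=pass" in v and aligned.search(v):
            return True
    return False

def phone_numbers(text):
    """Phone-like runs containing at least 10 digits."""
    return [m.group() for m in PHONE.finditer(text)
            if sum(c.isdigit() for c in m.group()) >= 10]

def assess(raw, domain="paypal.com", authserv_id="mx.recipient.example"):
    msg = message_from_string(raw)
    body = msg.get_payload()  # sample is single-part plain text
    return {"authenticated": dmarc_pass_for(msg, domain, authserv_id),
            "phones": phone_numbers(body),
            "urgency": [p for p in URGENCY if p in body.lower()]}

def verdict(result):
    """Authentication proves the sending platform, not the seller's note."""
    if result["phones"] and result["urgency"]:
        return ("lure-in-authenticated-mail" if result["authenticated"]
                else "lure-unauthenticated")
    return "no-lure"

# Constructed sample, not a real email; the number is from a UK range
# reserved for drama use and the addresses/hosts are placeholders.
SAMPLE = (
    "Authentication-Results: mx.recipient.example; dkim=pass header.d=paypal.com;"
    " dmarc=pass header.from=paypal.com\n"
    'From: "Billing department of PayPal" <service@paypal.com>\n'
    "Subject: Invoice\n\n"
    "Seller note: Your account may have been illegally accessed. If you think "
    "you did not make this transaction, call us right away on 020 7946 0123.\n"
)

if __name__ == "__main__":
    print(verdict(assess(SAMPLE)))
```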
I think I’ve lost money to this scam, what should I do?
If you’ve given sensitive information, such as your bank/card details, away over the phone or via a phishing website, it’s vital that you contact your bank via its official channels as soon as possible.
Your bank should work with you to cancel your card, block any pending payments (if required) and refund the money you’ve lost.
You should also then keep an eye out for any follow-up scams that could occur if you’ve given contact details, such as your email address or phone number, away to fraudsters. Treat any contact you receive out of the blue with caution.
How can I report fake emails?
Fake emails can be reported to the National Cyber Security Centre on email@example.com. However, as these emails have actually been generated by PayPal, it is better to report this specific scam directly to PayPal by sending a copy to firstname.lastname@example.org.
If you believe that you’ve received a fake invoice/‘seller note’, do not follow the instructions contained within the note or click on any links.
Instead, log in to PayPal separately, away from the suspicious email, and check that everything is normal on your account. If so, you can safely ignore these fake ‘invoices’.
What other PayPal scams should I watch out for?
Phishing emails, SMS text messages and phone scams posing as PayPal have been reported over the years. PayPal encourages its customers to check who any communication is from before they click any links or open attachments.
PayPal will never ask customers for certain personal information or multi-factor authentication codes by phone, email or text message.
If you’re ever unsure about the type of communication you’ve received from PayPal, contact its customer support directly (away from email or text) and via its official channels.
A spokesperson for PayPal said: “We have a zero-tolerance policy on our platform for attempted fraudulent activity, and our teams work tirelessly to protect our customers.
“We are aware of this well-known phishing scam and have put additional controls in place to mitigate this specific incident. Nonetheless, we encourage customers to always be vigilant online and to contact Customer Service directly if they suspect they are a target of a scam.”