PayPal is widely utilised by a score of merchants as a means of payment that ensures transaction security for both vendor and customer. And while PayPal is extremely secure to pay with online, it remains vulnerable to scams of its own. Access to your PayPal account can wreak havoc on your finances. In all cases, your first stop should be PayPal’s resolution centre; report your scam or fraud as soon as possible for better chances of reducing any financial damage to yourself. Read on for some of the more common insidious scams you may run into on PayPal.
The Phishing Factory
You’ve probably heard of phishing emails at this point. If not, consider yourself lucky. Phishing emails or texts are designed to mimic original correspondence, and aim to get you to click on their links and provide your login details to the scammer. Oftentimes this email/text will be something alarming that makes you want to resolve the issue as fast as possible. For example, if you learn that the funds in your PayPal account will no longer be available after 10 days unless you update your details, you will obviously feel inclined to sort out your details sooner rather than later. And how convenient that the email happens to have the link that takes you to your PayPal account too. Unfortunately the link that is included will take you to a website set up by the scammer, once you enter your password into this fake website, you’ve allowed them to collect this password and use it without your permission. In the flurry of activity, a lot of people don’t realise what has just happened.
And rightly so. Scammers will put loads of effort into making their phishing schemes look legitimate. The email will have a nice big header that reads “PayPal”, the language will be overly formal and confusing with an undertone of urgency. Besides, they sent this to your email address, which is private information. Right?
Not really. Phishing emails are quite common though, and here are some things to do to avoid these traps in the first place.
Check if your email has been ‘pwned’
This website allows you to check if your email has been sold to a third party or appeared in a data leak i.e. pwned. Either organisations have sold bulk customer information to a problematic third party, or an organisation where your email was registered with an account suffered a breach in their server security. If your email address has been pawned, it may be a good idea to start using a different or a new email for important accounts. This way, if an email is received on an account that you are not using with PayPal, you will know it is a scam.
Simple saves the day. If you get an important looking email from PayPal, it will likely not require action in the next 20 minutes. Give yourself some time, go home and read through the email critically so you can spot if it’s just a nasty trick. If it looks like a legitimate email though.
Sign in from your web browser
Even if the message is addressing a problem that is likely true, there is no need to click on the link in your email. In fact, most emails sent by PayPal will not include any such links, they will ask you to log in to your account on your browser. Which is exactly what you should do. Log in to your account separately, and navigate the settings/account details to check if there is in fact anything wrong. If there is, good for you now you can fix it. If there isn’t, good for you, you’ve just avoided a scam. Delete the email and go about your day.
There are some more ways to be alert about these scams as well. Check the sender’s email. Phishing mail is usually sent from unusually long and randomly generated emails. You may also be addressed not by your name, but by your entire email, which is a sure sign of a scam.
But if you’ve come reading with your head in your hands after answering such an email, fear not. Change your password immediately, and check if any funds have been taken out of your account. In fact, if you’ve provided them with any other details, such as a recovery email address, it’s a good idea to change that too. As long as you change your details swiftly, the scammers will not have enough time to act on their stolen information.
Refunds are a necessity, sometimes a godsend. But complicated refund policies, combined with how commonplace refunds are, provide fertile breeding ground for unsavvy opportunists to part you from your money. In fact there are a variety of common refund-associated scams that are popular. Seller beware, check the ratings of the buyers before you sell.
When you’re selling something and the buyer overpays, seemingly by accident beware of your next steps. One popular scam is to request a refund from you – the seller, claiming that they will repay the correct amount in a second transaction. In cases like these, the scammer will often wait until you ship the item to inform you of their overpayment and request a refund. If you do refund, you may find yourself with neither the product nor the payment if the buyer then cancels their subsequent payment to you within the specified time period. Usually, they will be able to cancel their second transaction as long as you don’t claim it, which leaves a window between the time you ship the product, the time you refund and the time they make the second payment for them to cancel the transaction. The best thing to do in such scenarios is to immediately request the buyer to cancel the purchase if you notice they have overpaid. Ask them to cancel the transaction and start a new transaction with you. Alternatively, you as the seller can cancel the transaction yourself.
If you’ve fallen prey to this sort of scheming, contact PayPal immediately after you notice something has gone wrong. They may be able to cover your loss, but it is unlikely. At any rate it won’t hurt to try. And leave the nasty buyer a review to warn future clients.
Trouble at the Post Office
Incorrect addresses cause much distress, and this is sadly exploited by many to get their money back unfairly. Due to the Seller Protection Policy on PayPal holding sellers accountable for incorrectly labelled postage, you may lose money from intentionally fake addresses. If the post delivery system is unable to find the address to deliver the package multiple times, they may call the buyer and deliver to the correct address. However, the buyer may lodge a complaint about not receiving his package from you. From here PayPal will only scrutinise the lack of effort on your part to put down the correct address. You are accountable for ensuring that the address is valid, and you will not be refunded for your lost product, nor will you receive your payment. The payment will be refunded to the buyer (who has your product too).
Avoid this hassle at all costs. Contacting PayPal will most likely not resolve the issue, so the important thing is to be vigilant about the postage address. Check the buyer’s address on the website of whichever service you are using, and avoid using third party delivery services suggested by the buyer. Your best bet is to report the incident to PayPal and try to get a refund.
Tugging at Your Heart Strings: Donations & Charities
This one is seasonal. Every time there is an unfortunate local disaster, you may come across a charity asking for donations for emergency relief. This is very sweet of them, and many charities do this, but there are scams that rely on strangers not double-checking the details of their non-existent charity to collect some free money. Charity Watch is one the sites you should visit to check the legitimacy of any charity before you take the step to donate money. Even if they have a fancy looking webpage set up for the more prying donor, always check the charity registry, and inquire about their plans and goals before you donate. You may also notice that the charity has PayPal donations only, which is very odd for charities that require a large outreach. Be especially aware of these scams when there are natural disasters such as floods, earthquakes or droughts.