If your small business relies on PayPal for payments, it’s essential to stay alert to a growing wave of scams targeting unsuspecting users. Fraudsters are using increasingly sophisticated tactics to try and gain access to business finances – and the number of attacks is rising fast.
According to research from McAfee Labs, cyber attacks on PayPal users have surged by 600% so far this year. These scams are becoming harder to spot, making it all the more important to know what to look out for and how to protect yourself.
Common PayPal Scams Affecting Small Businesses
One of the most common tricks being used is the fake PayPal email – often appearing to come from a genuine address such as service@paypal.com. These messages might confirm a (non-existent) purchase or invoice and ask the recipient to call a number. But instead of reaching PayPal, you’re connected directly to the scammer. Once on the phone, business owners may be asked to confirm account details or passwords – information that can be used to access and drain your account.
Another type of scam gaining traction involves urgent emails telling you that “action is required” on your account. These messages claim your account will be suspended unless you update your information within 24 or 48 hours. Clicking the link takes you to a fake website that looks convincing but is designed to harvest your login details.
Here are some other PayPal-related scams that small business owners should be aware of:
- Money request or fake invoice – receiving a request for payment for something you never bought.
- Overpayment scams – a “customer” overpays for a product or service and asks for the excess to be refunded, often using stolen account details.
- Advance fee or prize scams – you’re told you’ve won a prize or opportunity but need to pay a fee up front to claim it.
How to Protect Your PayPal Account
As scams become more complex, staying secure requires both vigilance and practical steps. Here are five things you can do to safeguard your PayPal account:
- Enable two-factor authentication: Adding a second level of security makes it much harder for unauthorised users to gain access, even if they manage to obtain your password.
- Ignore phone numbers in emails: PayPal won’t ask you to call them to verify account details. If in doubt, go directly to PayPal’s official website.
- Check email addresses and links carefully: Look closely at where the email has come from. If it doesn’t match PayPal’s official domain, it’s likely to be fraudulent.
- Treat all emails with caution – even genuine-looking ones: Just because an email seems to come from PayPal doesn’t mean it’s safe. Examine the content closely and don’t rush into clicking links or entering information.
- Beware of pressure tactics and urgent language: Many scams rely on panic – messages threatening account suspension or urging you to act within hours are a major red flag.
While PayPal remains a popular and secure platform, scammers are constantly evolving their methods. By staying informed and taking basic precautions, you can continue using online payments with confidence – and avoid falling victim to increasingly convincing scams. If you do receive a suspicious message, PayPal advises forwarding it to phishing@paypal.com and then deleting it from your inbox.