ScamSentinel

Phishing Guide

PayPal Scam Email

Fake PayPal emails are one of the most common phishing scams in the world. Learn how to spot a fake PayPal email — and check any suspicious message instantly with our free AI scam detector.

Check a message nowHow it works

What is this scam?

A PayPal scam email is a phishing message designed to look like an official PayPal communication. Scammers impersonate PayPal to trick you into clicking a malicious link, entering your password, or paying a fake invoice. These emails often warn of "unusual activity", "account limitations", or "pending payments" you don't recognize — all tactics designed to create panic so you act before thinking.

Common warning signs

  • Sender domain isn't @paypal.com (e.g. paypal-secure-alerts.com)
  • Generic greetings like 'Dear Customer' instead of your name
  • Urgent threats: account suspension within 24 hours
  • Links pointing to look-alike domains (paypal-verify.support-id.com)
  • Unexpected invoices for products you didn't buy
  • Requests to 'confirm' your password, card, or SSN
  • Spelling, grammar, or formatting inconsistencies
  • Attachments — PayPal never sends invoices as attachments

Realistic scam examples

Fake account limitation

From: service@paypal-secure-alerts.com
Subject: [Action Required] Unusual sign-in attempt

Dear Customer,
We detected an unusual sign-in to your PayPal account. Your account has been temporarily limited.
Confirm your identity within 24 hours: https://paypal-verify-account.support-id8821.com/login
— PayPal Security Team

Fake invoice scam

You sent a payment of $749.99 USD to Norton LifeLock.
If you did not authorize this transaction, call +1 (888) 555-0142 immediately to cancel.

How to stay safe

  • Never click links in PayPal emails — go directly to paypal.com or open the app.
  • Forward suspicious emails to phishing@paypal.com, then delete them.
  • Enable two-factor authentication on your PayPal account.
  • If you clicked a phishing link, change your PayPal password immediately and check recent activity.
  • Never call phone numbers shown in suspicious emails — look up the official PayPal number yourself.

Not sure if a message is a scam?

Paste it into our free AI scam checker for an instant analysis.

Analyze a message

Frequently asked questions

Does PayPal send security emails?

Yes — but legitimate PayPal emails always address you by your full name, come from an @paypal.com domain, and never ask you to enter your password via a link. When in doubt, log in directly at paypal.com to view alerts.

How do I know if a PayPal email is fake?

Check the sender's full email address (not just the display name), look for generic greetings, urgency, and links that don't go to paypal.com. You can also paste the message into ScamSentinel for an instant AI analysis.

What happens if I clicked a PayPal phishing link?

Don't enter any information. Close the page, change your PayPal password from the official app or paypal.com, enable 2FA, and review your account activity. Run an antivirus scan if you downloaded anything.

Will PayPal ask for my password by email?

Never. PayPal will never ask you to provide your password, full card number, or PIN by email, text, or phone.

Related scam guides

Bank Phishing Text ScamRoyal Mail Scam TextHMRC Scam Text