Online payment platform PayPal has become a prime target for scammers in recent years. With Black Friday (29th November) set to bring a wave of online discounts, cybercriminals are ready to exploit the excitement, and occasional carelessness, of shoppers.
Cybersecurity experts at Hypernode have highlighted the most common PayPal scams to watch out for this Black Friday, alongside practical tips to stay protected.
Common PayPal Scams to Avoid
1. The “Problem with Your Account” Scam
Phishing emails remain one of the most popular methods for targeting PayPal users. These fraudulent messages, disguised as official PayPal communications, claim there’s an issue with the user’s account or a need to verify payment details. Victims who click the included links are taken to fake websites designed to steal login credentials or financial information. These emails often appear authentic, complete with PayPal logos and branding.
2. Promotional Offer Scams
These scams lure victims with tempting offers such as cash rebates, discounts on future purchases, or online vouchers. With many genuine Black Friday deals circulating, it can be hard to spot the fakes. However, these emails often link to convincing but fraudulent websites that are set up to steal personal information.
3. The “Order Confirmation” Scam
Scammers send emails claiming that a large purchase has been made using the victim’s PayPal account. For those making Black Friday purchases, this can seem like a legitimate confirmation. For others, it triggers concern about an unauthorised payment. Either way, the email directs victims to a fake website to “verify” the transaction, stealing their login details in the process.
4. The Friends and Family Payment Scam
This scam manipulates buyers into using PayPal’s “Friends and Family” payment option under the guise of securing a great Black Friday deal. The scammer takes the payment and disappears, leaving the buyer without a product or any recourse. PayPal’s Friends and Family option does not offer buyer protection, making it an easy target for fraud.
5. Unauthorised Access
During Black Friday, scammers take advantage of weak passwords or outdated security settings to hack PayPal accounts. By using methods like credential stuffing, where hackers try login credentials stolen from previous data breaches, they can access accounts to siphon money or make fraudulent purchases.
How to Stay Safe While Shopping
Hypernode experts recommend the following precautions to protect against PayPal scams:
1. Verify Email Senders and Links
Always check the sender’s email address carefully to ensure it’s from PayPal’s official domain (@paypal.com). Fraudsters often use subtle variations. Avoid clicking links in unsolicited emails, instead, log in to PayPal directly through the official app or website to verify claims.
2. Avoid Friends and Family Payments for Purchases
Only use the “Friends and Family” option for transferring money to people you know and trust. When buying goods or services, always use PayPal’s “Goods and Services” option, which offers buyer protection.
3. Be Cautious of Promotional Offers
Be sceptical of deals that seem too good to be true. Stick to known retailers or verified PayPal promotions. Cross-reference links in promotional emails with official retailer websites to confirm their legitimacy.
4. Enable Two-Factor Authentication (2FA)
Add an extra layer of security to your PayPal account by enabling 2FA. This requires a one-time code (sent to your phone or email) alongside your password, making it far harder for scammers to access your account.
5. Watch Out for Fake Confirmations
If you receive an unexpected order confirmation email, don’t click any links. Log in directly to your PayPal account to check for suspicious transactions or contact PayPal’s support team for clarification.
6. Monitor Your PayPal Account
During busy shopping periods like Black Friday, turn on account notifications via the PayPal app or website. This way, you can quickly spot and act on any unusual activity.
7. Stick to Trusted Websites
Shop with reputable retailers and always check website URLs for errors or unusual endings (e.g., .net instead of .com). Look for the padlock icon in the browser bar to confirm a site is secure.
Milan Bosman, Commercial Director at Hypernode, commented:
“Black Friday has become a prime day, not just for bargain hunters, but for scammers too. Cybercriminals are increasingly taking advantage of the reduced vigilance that comes with the excitement of a great deal.
“With discounts now reaching record levels, distinguishing between genuine offers and scams has become harder than ever. By following these tips, shoppers can enjoy Black Friday without falling victim to fraud.”
