Scam alert: watch for fake PayPal invoices
If you regularly handle invoices as part of your job or you make a lot of purchases with PayPal, this one is especially dangerous. Fraudsters are sending fake invoices via PayPal… and some recipients are paying up without thinking twice.
These scams most commonly appear as email messages informing you that you have received an invoice via PayPal. If you click the link and pay using your PayPal account, your money will be gone instantly, transferred to the scammer who sent the invoice. It can also result in a PayPal account takeover!
In general, be skeptical when receiving an invoice that can’t be tied to a specific purchase or work order. You can contact the entity the invoice is purportedly from (look for their contact info online; don’t contact the person who sent the invoice directly) to confirm its legitimacy.
How Does The Scam Work?
This scam hinges on the fact that these fake invoices aren’t technically fake at all: they are real PayPal invoices, created by fraudsters to mimic an invoice from a real entity like GoDaddy or the World Health Organization (WHO).
The idea is that, because the invoice appears to come from a well-known and reputable organization, you may believe the invoice is legitimate and pay up without thinking. Because the invoices are real PayPal invoices (albeit created fraudulently), once you click “Pay” your money will be automatically transferred via your PayPal account to the fraudster.
Phishing Scam Summary
Subject lines for this scam follow the form "Invoice from Name (#####)", where the sender’s name and invoice number will vary.
This scam begins with a phishing email that contains a PayPal invoice for a fake purchase. The invoices for this scam may be generated in PayPal by the scammers, so while the purchase is fake, clicking on the links in the scam invoice may actually transfer payment via PayPal. The invoice claims that the recipient has successfully made a purchase through PayPal for $219. Note that in some cases the amount and supposed purchase could vary. This scam is being seen widely and has been reported by other institutions and in the media.
What to watch for:
- Invoices for purchases you have not made.
- Requests to act immediately to make a payment or reverse payment.
What to do if you receive this:
- If you receive an invoice you suspect to be fake or for a purchase you don’t recall making, do not pay and do not respond using links or phone numbers in the email.
- Go to your PayPal account (do not use links in the email!) and look at your purchase history to verify you haven’t been fraudulently billed.
- If you have been fraudulently billed, go to PayPal’s Resolution Center at paypal.com/disputes/ and report the fraud immediately.
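For mail administrators, the indicators described above can be checked mechanically before a message reaches an inbox. The following Python example is added here and is not part of the original page or of PayPal's tooling; the regular expressions, indicator names, threshold and sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
# Subject form reported on this page: "Invoice from Name (#####)".
SUBJECT_RE = re.compile(r"^Invoice from .+ \(#?\w+\)$")
# Heuristics are assumptions drawn from the scam note quoted on this page.
CHECKS = {
    "callback_phone": re.compile(r"\(?\b\d{3}\)?[\s.-]\d{3}[\s.-]\d{4}\b"),
    "urgency": re.compile(r"\b(immediately|urgent(ly)?|right away)\b", re.I),
    # An invoice asks for payment; a note claiming you already paid contradicts it.
    "already_paid_claim": re.compile(r"\b(you paid|successful purchase)\b", re.I),
    "unauthorized_bait": re.compile(r"\b(haven.?t|have not|didn.?t|did not)\s+(made|make|authoriz)", re.I),
}

def body_text(msg):
    # Decode every text/* part; multipart messages are walked recursively.
    return "\n".join(
        (p.get_payload(decode=True) or b"").decode(p.get_content_charset() or "utf-8", "replace")
        for p in msg.walk() if p.get_content_maintype() == "text")

def indicators(raw_email):
    """Return sorted indicator names, or None if the subject is not an invoice notice."""
    msg = message_from_string(raw_email)
    if not SUBJECT_RE.match(msg.get("Subject", "").strip()):
        return None
    text = body_text(msg)
    return sorted(name for name, rx in CHECKS.items() if rx.search(text))

def verdict(raw_email, threshold=2):
    hits = indicators(raw_email)
    if hits is None:
        return "not-an-invoice"
    return "hold-for-review" if len(hits) >= threshold else "no-indicators"

# Constructed samples: names, invoice numbers and the phone number are made up.
SCAM = """\
Subject: Invoice from Example Seller (#0001)

Note from Example Seller
Thank you for your Successful Purchase using PayPal. You paid $219.00 USD.
If you haven't made this transaction, call us immediately at +1-888-555-0100
"""
BENIGN = """\
Subject: Invoice from Example Design Studio (#0042)

Note from Example Design Studio
Logo design per work order WO-17. Thanks for your business.
"""
if __name__ == "__main__":
    print(verdict(SCAM), indicators(SCAM), "|", verdict(BENIGN), indicators(BENIGN))
```

Because these invoices are genuine PayPal messages, sender and link checks pass, which is why the example scores the seller's note rather than the headers.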
Phishing Email Text
(Please note that some details, such as links and phone numbers, have been removed for safety and may change from email to email.)
[your email], here are your invoice details
Here’s your invoice
Timothy Lee Cotterill sent you an invoice for $219.00 USD
Due on receipt
View and Pay Invoice
Buy now. Pay over time.
Simply select PayPal Credit at checkout and enjoy No Interest if paid in full in 6 months. Subject to credit approval. See terms. US customers only.
Note from Timothy Lee Cotterill
Thank you for your Successful Purchase using PayPal for Amazon Prime 1yr Subscription. You paid $219. 00 USD which will be shown in your account within the next 24-48hrs. If you haven’t made this transaction and do not Authorize it. Call or Reach us immediately at +1-888-xxx-xxxx
Help & Contact | Security | Apps
Twitter Instagram Facebook LinkedIn
PayPal is committed to preventing fraudulent emails. Emails from PayPal will always contain your full name. Learn to identify phishing
Please don’t reply to this email. To get in touch with us, click Help & Contact.
Not sure why you received this email? Learn more
Copyright © 1999-2022 PayPal, Inc. All rights reserved. PayPal is located at 2211 N. First St., San Jose, CA 95131.
Phishing & Suspicious Email
Criminals use malicious email and websites to try to trick you into revealing your password or other sensitive information or to infect your computer with malware. They target EVERYONE 100% of the time. Phishing email often uses urgent language, asks for personal information, and has grammatical, typographical, or other obvious errors (these are designed to screen out everyone except the victims who overlook such things).
Most email services now filter out many malicious emails for you, but some phishing emails still get through. Learn how to recognize phishing and other malicious email to protect yourself.
How to Spot Phishes
Check links before clicking.
- Check the full URL to see if it goes where you expect.
- On your smartphone or tablet, press the link and hold down until a dialog box appears containing the URL.
- On your computer, hover over the link with your mouse. The URL will usually appear in the lower-left corner of your window.
- Check shortened URL destinations.
- Check to see if the sender is forged.
- Is the content suspicious?
- Also, check Google for examples of recent phishes.
Be careful where you enter your password. Learn what to look for to help spot fake login pages that many scammers use in phishing. See Look before you log in.
Pay Attention To Banners
- Gmail flags messages that may be suspicious to help you identify potential problems. See Google Mail Banners Warn of Suspicious Email.
- Take note of an automated warning banner at the top of emails received from unknown senders that contain links or attachments. The email banner urges extra caution with such messages.
You may see this yellow warning banner on emails that come from an address that you haven’t received email from before. If you are expecting the email and know the sender, you can ignore the warning or click the Looks safe link. If you think the message is a phish, click the Report phishing button.
Possible Phishing Scam
You may see this red warning banner when you receive a message that other recipients have reported as spam or phishing. Be cautious of email messages with this banner.
Other Warning Banners
You may see other warning banners. Google regularly updates its warning banners to help you identify emails that require extra caution and attention. It is a good idea to read these banners and be cautious with emails that display them.