“Six hundred dollars!”
That’s the response a fraudster wants from you when they create a PayPal invoice scam.
Imagine getting a request to pay six hundred dollars for something you never purchased, and the request is a professional-looking invoice from a reputable company.
Should you call the provided number in the email and dispute the request? Should you ignore the email completely? Should you pay the invoice?
Don’t let this annoying scam get the best of you. Here’s everything you need to know about this insidious money request scheme.
What is the PayPal Invoice Scam?
In short, the PayPal invoice scam is a phishing email scheme designed to trick a victim into sending the fraudster money. What makes this scam different than basic phishing schemes is that this one usually looks professional and often appears like PayPal itself sent it.
The way this scam works is simple:
- The victim receives an “invoice” from PayPal or a service-based company such as GoDaddy.com telling them that they have to pay a certain amount of money to keep their account active.
- If the victim doesn’t use GoDaddy.com, or PayPal, they’ll simply ignore or trash the email. If they do use the service presented in the “invoice,” they may send the money in hopes of maintaining their account status.
- The fraudster receives the invoice payment and pockets the cash.
The PayPal invoice scam uses a very common phishing tactic: urgency. The note section of the fake invoice will usually urge the victim to act as fast as possible to stop any critical thinking that may get in the way.
You may wonder, “Who is dumb enough to pay for something without verifying they purchased it?” However, even some of the biggest tech companies in the world filled with some of the smartest people in the world got scammed out of $100 million via fake invoices.
PayPal Invoice Scam Examples
Online fraudsters are crafty, but they’re not very original. Instead of creating a new fake invoice to trick victims, they tend to copy other fake invoices they find online.
Here are five fake PayPal invoice examples to look out for:
PayPal’s First Official Example
This money request scam is so prevalent that PayPal itself had to post a warning on its site to warn its users.
Here’s an example that PayPal uses to showcase this growing problem:
Picture
Could you identify this invoice as a fake right away?
Because of the professional formatting of a PayPal invoice, it’s easy for a victim to get instantly fooled. The balance due is only $168.36, a small amount many people could quickly send and move on with their day.
The only red flag on the invoice itself is in the note at the bottom:
Picture
Instead of informing the victim of what this invoice is for, the scammer just leaves their number.
Never call the number in the note section if you think the invoice is fake. The fraudster is just looking to get your sensitive information over the phone.
PayPal’s Second Official Example
Usually, a victim of this scam will receive a notification through PayPal to their inbox about how much “money they owe.” The victim can click the View and Pay Invoice button to view the actual invoice. This notification is sent using PayPal, so clicking the button is safe.
Here’s what a typical notification will look like for a fake PayPal invoice.
Picture
The scammer hopes that the victim will simply pay the amount of the invoice, but the note section reveals that they also have a backup plan:
Picture
With the requested amount being almost $400, the scammer is banking on most people freaking out and calling the provided number before their account gets debited “in the next 24 hours.”
Again, never call the number.
A Fake Invoice From “PayPal”
Here’s an example of a fake invoice that looks like PayPal itself sent it:
Picture
There are several red flags that give this fake invoice away if you know what to look for, starting at the top:
Picture
An impersonal greeting is a common occurrence in phishing emails. A real message from PayPal would address you by your full name.
Picture
The number provided is not the official customer service number. Not only that, but the scammer actually tells the victim only to use the fake number. This is an attempt to get the victim not to look up the actual customer service info.
Picture
Remember when I implied earlier that the typical fraudster is lazy? Here’s the perfect example.
It appears that the scammer simply copied and pasted the warning information from an actual PayPal invoice to make it look more legitimate. The scammer didn’t realize that the warning tells the victim that an actual invoice from the company would never ask them to call a provided number, which is exactly what this fake invoice does.
Picture
The copied warning also tells the victim that a real invoice would use their full name. Of course, the scammer doesn’t know the victim’s name; they’re just sending out random emails hoping for a sucker to make the payment.
A Fake Invoice From “Bitcoin Exchange”
Here’s another classic example:
Picture
This one has all the classic markings of a phishing scam:
- A big scary payment.
- Stating that the transaction had already been made, immediately sparking panic in the customer.
- A twelve-hour time limit to resolve the matter.
- A “customer service” number to call. Remember, don’t call that number.
Multiple Scams In One
This last example is a strange one that attempts to confuse the victim by bringing up Walmart gift cards:
Picture
This fake invoice makes no sense. It first states that the victim’s account has been accessed unlawfully, and then a few sentences later, a number is given in case the victim “suspects that they didn’t make this transaction.” Why would the victim wonder if they made the transaction if the first line states that they didn’t?
Believe it or not, a good amount of people who receive this phishing attack won’t notice the contradiction. They’ll be too busy freaking out about the $600 dollars they believe was taken out of their account.
This example has a fake number and a “24-hour” warning in the notification and in the note section for the invoice itself.
Picture
How to Report a PayPal Invoice Scam
If you receive one of these fake money request scams, you can do more than just ignoring it.
You can report it to PayPal to help make the website safer for everyone.
Here’s how:
- First, don’t attempt to pay the invoice or interact with the fraudster at all.
- Log in to your PayPal account on the official website or through the PayPal app.
- Go to the Resolution Center within your PayPal account.
- Click on Report a Problem or Dispute a Transaction.
- Select the transaction related to the suspicious money request from the available options.
- Provide detailed information about the suspicious request and why you believe it’s unauthorized.
- Follow the on-screen instructions and provide any additional information requested by PayPal.
- Finally, submit your report and wait for PayPal to review your case.
Final Thoughts
It’s easy to panic when you’re staring at an “invoice” that says you owe a company hundreds of dollars.
That’s what the scammer is banking on.
Similar to Cash App scammers, PayPal invoice scams use psychological tricks to fool you into giving up your money.
If you receive a fake PayPal invoice, take a moment to breathe and use your critical thinking skills. Ask yourself if you’ve recently done business with the company in question or at all.
And remember, just because an email or invoice looks like it’s from PayPal, doesn’t mean it is.
This article was originally published by Marcus Leary on Hackernoon.
