Fake PayPal emails are on the rise—and they’re after your money 💸

Cliquez ici pour lire en français

With digital payments now a part of everyday life, PayPal has become one of the most widely used platforms—and one of the most targeted by cybercriminals. In early 2025, researchers at McAfee Labs sounded the alarm: in just one month, email scams impersonating PayPal skyrocketed sevenfold. At peak times, over 600 fraudulent emails are sent in a single day.

A well-crafted phishing campaign is flooding inboxes 🎯

What’s behind this surge? A sophisticated phishing campaign that relies on emails designed to look official. They mimic PayPal branding and use fear-inducing language to trick users into urgent action. Subject lines often include phrases like “Action required” or “Urgent update to your account.”

The body of the email claims your account will be suspended within 48 hours unless you act fast. A fraudulent link then urges you to “verify your information.” But instead of taking you to PayPal, it redirects to a fake site crafted to steal login credentials and other sensitive data.

Here’s a typical example:

“Despite our previous attempts to reach you, we have yet to receive the necessary information to complete the process. It is critical that you act immediately to ensure the security of your account and avoid any service disruption.”

Once the scammers have your info, they can bypass security protections using specialized tools—easily accessible on the dark web.

Les scénarios d’arnaque les plus fréquents The most common scam tactics ⚠️

McAfee’s investigation highlights several recurring schemes:

• Fake account suspension warnings
• “Claim your PayPal gift card” offers
• Invoices for purchases you never made
• Fake paid surveys that don’t actually exist
• Bogus billing issues urging you to call support
• Payment requests or confirmation emails out of the blue
• 

Here are some red flags to watch for:

• The sender’s email address isn’t from @paypal.com
• The link points somewhere other than paypal.com
• The message includes suspicious invoice images instead of a standard PayPal format
• It encourages you to call a fake customer service number
• It tries to create a sense of panic or urgency

10 ways to protect yourself from PayPal scams
🛡️

McAfee’s researchers recommend the following best practices :

1. Never click links in suspicious emails. Always log in manually through PayPal’s official website or app.
2. Check the sender’s email. Addresses like paypal-service.net are a red flag.
3. Avoid calling numbers in sketchy emails. Use only official support channels.
4. Watch out for lookalike domains. Examples include service-ppal.com or paypal-account.me.
5. Enable two-factor authentication. It adds a security layer even if your password gets stolen.
6. Ignore too-good-to-be-true offers. PayPal doesn’t hand out gift cards for surveys.
7. Keep an eye on your account activity. Spotting fraud early makes a big difference.
8. Use PayPal’s built-in security tools to boost protection.
9. Report any suspicious messages through your email provider or directly to PayPal.
10. Don’t panic. Scammers count on you acting fast. Take a moment to verify everything.

Stay skeptical, stay safe ⛔️

No legit company threatens to close your account within 48 hours without warning. If a message pressures you to act now, pause and check. Don’t click on anything until you’re sure it’s real.

Scammers prey on your fear and speed. Take a breath, verify the source, and remember: it’s better to lose a few minutes than your entire account.

What about you ?! 
Ever received a fake PayPal email? How did you handle it? Share your experience in the comments 😊