Action Fraud is warning people selling items online to be on the lookout for criminals sending fake PayPal emails.
- Between January 2020 and September 2020, 21,349 crime reports were made to Action Fraud about fake PayPal emails.
- Victims reported losing a total of £7,891,077.44 during this time.
- Those targeted included people selling jewellery, furniture and electronics via online marketplaces.
- Reports of fake PayPal emails to Action Fraud made up a third of all reports of online shopping and auction fraud during this period.
How does it happen?
Criminals have been targeting people selling items online, by sending them emails purporting to be from PayPal. The emails trick victims into believing they have received payment for the items they’re selling on the platform.
Typically, after receiving these emails, victims will ship the item to the criminal. This leaves them at a further disadvantage having not received any payment for the item and also no longer being in possession of it.
How can you protect yourself?
- Sellers beware: If you’re selling items on an online marketplace, be aware of the warning signs that your buyer is a scammer. Scammers may have negative feedback history, or may have recently set up a new account to avoid getting poor feedback. Don’t be persuaded into sending anything until you can verify you’ve received the payment.
- Scam messages: Don’t click on the links or attachments in suspicious emails, and never respond to messages that ask for your personal or financial details.
- How to spot the difference: A PayPal email will address you by your first and last name, or your business name, and will never ask you for your full password, bank account, or credit card details in a message.
If you think you’ve been a victim of fraud, report it to Action Fraud online at www.actionfraud.police.uk or by calling 0300 123 2040.
Editors Note: –
Most scams start Dear Customer or such – real emails tend to start with your name. – This isn’t an absolute run but it’s fairly common.
Also, if you click on Reply there is often a non-recognisable email address. Often with a domain name nothing like the purported source of the email.
If you get an email that’s asking you to sign in to your account – using their link. Don’t – try doing it from a link that you have used before and know to be good. Emails asking you to sign in-using their link can be phishing (pronounced – fishing) emails and can be reported at firstname.lastname@example.org
Similarly – by right-clicking on the link button may well show you the false website you’re being sent to.
IF IN ANY DOUBT DON’T DO IT.