PayPal is well known online payment mode in Canada and the reason is PayPal’s safe and secure transactions and environment. But still as now almost all of us want to keep safe from online fraud when using Paypal there are various ways to protect yourself when using Paypal.
Use strong passwords
- Use passwords with a combination of letters, numbers and symbols, and avoid using the same password for all of your accounts.
- Set up 2-step verification (2FA) and a mobile PIN for your PayPal login.
- Stay vigilant to fend off phishing attempts via email, text or phone.
Industry statistics show that many people reuse the same password everywhere and for those who don’t, most have only three or four passwords for their various accounts. This is why it’s important to have passwords that contain a variety of letters, symbols and numbers. Having a simple password means that you are more vulnerable to malware, phishing and identity theft. Don’t use information that could be found on social media in your passwords such as your pet’s name, children’s names, favorite football team, your name, birthday, driver’s license numbers or phone numbers. Can’t remember all your passwords? You can find reputable password managers online that can manage that for you at little to no cost.
2-step verification (2FA) and mobile PIN
Setting up 2-step verification and a mobile PIN adds a second layer of security to your online account. Login to PayPal and click the settings icon in the top right-hand corner of the screen. Click the ‘Security’ tab to set up a mobile PIN and 2-step verification.
Spot fake, fraudulent, spoof or phishing emails
Phishing is a form of social engineering that attempts to steal sensitive information by posing as a legitimate institution fishing for your personal details. The attacker’s goal is to compromise systems to obtain usernames, passwords, and other account or financial data. While phishing is frequently accomplished by email, it can also be used via phone and text message.
When you aren’t sure if you can trust a communication from PayPal, here are a few guidelines that can help you spot the real from the fake. Below are common practices seen in phishing attempts to watch out for.
Impersonal, generic greetings, such as “Dear user” or “Dear”
Emails from PayPal will always address you by your first and last names or by your business name. We never say things like “Dear user” or “Hello PayPal member”.
PayPal will never ask you to provide your password, credit card numbers, bank account numbers, driver’s license number, social security number, email or full name through text message or email.
If there’s a link in an email, always check it before you click. A link could look perfectly safe like www.paypal.com/SpecialOffers, so make sure to hover your mouse over the link to preview the true URL. If you aren’t certain, don’t click on the link. Just visiting a bad website could infect your machine.
Don’t ever open an attachment unless you’re sure it’s legitimate and safe. Be particularly cautious of invoices from companies and contractors you’re not familiar with. Some attachments contain viruses that install themselves when opened.
Phishing emails are often alarmist, warning that your account needs to be updated immediately. They’re hoping you’ll fall for their sense of urgency and ignore warning signs that it’s fake. If there is an urgent need for you to complete something on your account, you can find this information by logging in to PayPal.
If you suspect you’ve been a target of a PayPal phishing scam, forward the entire phishing email or spoof site information to firstname.lastname@example.org. Do not alter the email subject line and do not forward the message as an attachment. Please delete the email from your email account immediately after. To forward a text exchange, follow these steps:
- iPhone, iPad, iPod Touch – tap and hold the message you want to forward, select More, then tap the Forward arrow on the bottom right corner and enter email@example.com. After you’ve hit send, delete the message.
- Android – tap and hold the message you want to forward, select the More Menu, and then Forward to firstname.lastname@example.org. After you’ve hit send, delete the message.
Unauthorized account activity
If you think someone has used your account without permission, report it to PayPal immediately and we’ll help protect you as much as possible. If reported within 60 days of when the transaction appeared on your account statement, PayPal can protect you with $0 liability for eligible unauthorized transactions.
Dealing with Fraud
If you find yourself in a situation that you think could potentially be a scam, there are two important themes to keep in mind to help you decipher if you’re dealing with fraud:
- A fraudster will offer something, usually something that is too good to be true; or
- A fraudster will request something and wrap it in a fake urgent scenario that encourages you to act quickly.
Here are some of the common consumer fraud trends to be aware of as you transact online:
Online Merchant Fraud: As we continue to see shortages of hand sanitizer, face masks, and other items that help to protect against COVID-19, a fraudster may claim to have these types of in-demand products and charge customers, even though they don’t actually have the items. Before making purchases from any online merchant, be sure to do research into the merchant by looking for reviews and checking to make sure you’re shopping with a reputable seller.
Medical Treatment Scam: As there is currently no official cure for COVID-19, fraudsters may take advantage of the situation by selling fake medical treatments or cures that they claim they can be used to prevent or treat the virus. Before purchasing any of these items, do your research to verify the legitimacy of medications using resources from the Food and Drug Association (FDA), and be aware that there are not yet any FDA-approved products on the market to prevent or cure COVID-19. You can search through FDA-approved drugs and new drug applications through the FDA’s website.
Charity Scam: A fraudster may contact you asking for a donation to charity, often following an emergency or disaster situation, such as the one we’re currently experiencing with COVID-19. Before making a donation, make sure you do some research into the charity, checking ratings and understanding how much of your donation will go to the cause you want to support.
Family Emergency Scam: A fraudster may pose as a relative or a friend and ask you to send money immediately to help with an emergency, sometimes insisting that the request remain secret. In these situations, the fraudster often tries to trick their victim into sending money before the victim realizes the emergency is false. Before responding to these types of messages, make sure to take steps to verify the identity of the person asking for money. You can do this in a number of ways, including asking them questions that a stranger would not be able to answer, or reaching out to another family member or friend who may be able to verify the emergency.
Employment Scam: As more and more consumer jobs become affected by COVID-19, fraudsters might try to trick victims into paying the fraudster for an employment opportunity that “guarantees” to make the victim money. Be aware that in most cases, opportunities that make these types of guarantees are often not legitimate.
Social Security Imposter Scam: A fraudster may contact a victim posing as a Social Security Investigator, claiming that there is a problem with the victim’s Social Security account and request that the victim resolve the problem by calling another number, when the fraudster may attempt to acquire personal information. As people across the U.S. anticipate the arrival of their COVID-19 stimulus check, we may begin to see an uptick in this sort of scam. Be aware that representatives of the Social Security Administration and the U.S. government do not request sensitive personal information over the phone.
Fake Debt Scam: A fraudster might contact you representing him or herself as a debt collector or court official, telling you that you must pay money that you don’t actually owe. Before taking any action, make sure to do some research into the claim by verifying the real numbers for the government agency, office or employee, and do not agree to wire money in order to pay back the debt.
How PayPal Can Help Victims of Fraud?
If you believe your account with PayPal has been affected by fraud you can report the incident to PayPal through our Resolution Center where you can open a dispute. Examples of what you can report include:
- If you notice unauthorized or suspicious activity from your account with PayPal, such as multiple charges for a single purchase or a different charge than what was shown on your receipt.
- If you see a transaction that you did not authorize on your account with PayPal.
- If you sent a payment to a PayPal merchant for a good or service, but haven’t received what you paid for, or believe that the seller may be fraudulent.
Additional Resources for Fraud Reporting
For any fraud you experience when using another payment method or platform, you can report the incident to a variety of governmental agencies, including:
- Your local police department.
- The Federal Bureau of Investigation’s Internet Crime Complaint Center (click here to submit an online report).
- The Federal Trade Commission (click here to submit an online report or call toll free 1-877-FTC-HELP).
- Your State Attorney General’s Office (click here to find your State Attorney General).
How to protect your PayPal account from scammers and fraudsters?
Here are few tips to follow to help increase the security of your accounts and prevent the risk of interference from scammers.
If you need to access online banking or financial accounts or provide personal information, avoid using public WiFi networks. Instead, wait until you get home and can access a private network.
Check your credit report regularly: Several services allow you to check your credit report for free, and you can find reputable services by searching online. If you’re not actively pursuing new lines of credit or loans, consider applying a credit freeze through the credit bureaus.
Monitoring activity on your accounts is one of the best ways to help protect yourself against fraud. Don’t forget to also regularly review who has access to your accounts to ensure any authorized users are current.
Only download trusted applications and operating systems: Ensure that you’ve verified the security of applications on your computer, smartphone and tablets, and only download links from verified sources.
Make sure your software is updated, including on smartphones and tablets: When updates are available, download in a timely manner. Updates often include important security enhancements that you should take immediate advantage of.
Verify if you’re unsure of the legitimacy of a transaction: If you’re questioning the safety or legitimacy of a transaction you’re making, take some time to do some research. Read reviews of the business online. If a message or email comes from friends or family and seems unusual, take some time to contact the individual to confirm that it is legitimate.
Review your privacy and security settings on social media: Be deliberate about who you connect with and learn how to configure your privacy and security settings. Enforce privacy controls on your social media accounts to ensure your email address and/or phone number are not being shared publicly. Remember: Limit the amount of personal and travel information you share on social media as criminals leverage social media postings to gather data that can be used later.
Paypal recommends enabling the following features to help make sure your account with PayPal is protected.
Multi-Factor Authentication (MFA)
Multi-factor authentication adds an extra layer of security by supplementing your username and password with an extra piece of information, so you can verify online activity. To set up MFA on your account with PayPal, go to the settings icon in the top right-hand corner of the screen, then click the ‘Security’ tab to set up a mobile PIN and 2-step verification.
PayPal Security Key
PayPal also offers users the option to enable a PayPal Security Key, which provides a second authentication factor when logging into your account with PayPal. When enabled, The PayPal Security Key sends you a temporary one-time pin via SMS that you enter in addition to your password to log in to PayPal. Click here to setup a PayPal Security Key for your mobile phone.