Fake PayPal Emails Cost £8million In Theft

Uploaded on 2020-11-18 in GOVERNMENT-Law Enforcement, FREE TO VIEW

Action Fraud is warning people selling items online to be on the lookout for criminals sending fake PayPal emails. Between January 2020 and September 2020, 21,349 crime reports were made to Action Fraud about fake PayPal emails. Victims reported losing a total of £7,891,077 during this time. Those targeted included people selling jewelry, furniture and electronics via online marketplaces. 

Reports of fake PayPal emails to Action Fraud made up a third of all reports of online shopping and auction fraud during this period.

Criminals have been targeting people selling items online, by sending them emails purporting to be from PayPal. The emails trick victims into believing they have received payment for the items they’re selling on the platform. Typically, after receiving these emails, victims will then send the item to the criminal. This leaves them at a further disadvantage having not received any payment for the item and also no longer being in possession of it.

Pauline Smith, Head of Action Fraud said: 

“We know that criminals will go to great lengths to target people on online marketplaces, especially now many more people are selling items online due to the coronavirus pandemic....Criminals have taken advantage of the coronavirus outbreak to commit fraud and will continue to do so. We are working hard, together with our partners, such as PayPal, to raise awareness of the types of scams being committed and prevent people from falling victim." 

 “It’s really important to follow our advice to help protect yourself. If you receive a suspicious email claiming you’ve received payment for an item you’re selling, take five minutes to check directly with PayPal that the communication is genuine. If something feels wrong then always question it.”

Action Fraud issued a similar warning earlier this year, after it received 3,059 crime reports about fake PayPal emails between October 2019 and December 2019.

Victims reported losing a total of £1,121,446 during this time. Reports of fake PayPal emails to Action Fraud made up almost 18% of all reports of online shopping and auction fraud during this period.

In one instance, a victim received a fake email purporting to be from PayPal claiming the buyer accidently paid more than they should have.The buyer then asked the victim to pay the difference by sending a gift card to them loaded with the difference, which they did. In another case, the fake email from PayPal claimed the buyer had accidently paid for the item twice.The buyer then asked the seller to wire the overpayment to a bank account in a different country.

What Do You Need To Do?

  • Sellers beware: If you’re selling items on an online marketplace, be aware of the warning signs that your buyer is a scammer. Scammers may have negative feedback history, or may have recently set up a new account to avoid getting poor feedback. Don’t be persuaded into sending anything until you can verify you’ve received the payment.
     
  • Scam messages: Don’t click on the links or attachments in suspicious emails, and never respond to messages that ask for your personal or financial details.

If you think you’ve been a victim of fraud, report it to Action Fraud online at actionfraud.police.uk or by calling 0300 123 2040.

A spokesperson for PayPal, said:

“At PayPal we go to great lengths to protect our customers in the UK, but there are still a few simple precautions we should all take to avoid falling victim to scams... All communications from PayPal to account holders would be sent to the secure message centre within their PayPal account. You will have a secure message waiting if PayPal does need you to take any action... A genuine PayPal email will only ever address you by your full name, anything that starts differently should immediately raise your suspicions. Look out for spelling mistakes, which are a common tell-tale sign of a fraudulent message.”

If you think that you’ve received a suspicious email, you can forward it to PayPal, without changing the subject line. PayPal will let you know whether it is fraudulent or not

PayPal:       Action Fraud:          Gedling Eye:     South Wales Argus:       Birmingham Mail:   

You Might Also Read:

Online Shoppers Have Lost Over £16m To Lockdown Fraud:

 

« British National Cyber Security Guidance
Cyber Security For Home Working »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Checkmarx

Checkmarx

Checkmarx provides state-of-the-art application security solutions with static code analysis software.

Nuix

Nuix

Nuix specialise in extracting knowledge from unstructured data. Applications include Digital Forensics, Cybersecurity Intelligence, Information Governance, eDiscovery.

Ixia

Ixia

Ixia provides testing, visibility, and security solutions to strengthen applications across physical and virtual networks.

Tiro Security

Tiro Security

Tiro Security is a boutique company specializing in information security and IT audit recruitment and solutions.

ZyberSafe

ZyberSafe

ZyberSafe is an innovative Danish company specialized within building hardware encryption solutions.

CompliancePoint

CompliancePoint

We design and implement strategies, processes & procedures to mitigate risk, reach compliance goals, protect data assets, and meet industry standards.

Komodo Consulting (KomodoSec)

Komodo Consulting (KomodoSec)

Komodo Consulting specializes in Penetration Testing and Red-Team Excercises, Cyber Threat Intelligence, Incident Response and Application Security.

Israel Aerospace Industries (IAI)

Israel Aerospace Industries (IAI)

IAI offers a holistic approach that provides defense forces, governments, critical infrastructures and large enterprises with end-to-end cyber security & monitoring tools.

Ipsidy

Ipsidy

Our identity platform enables mobile users to more easily authenticate their identity to a mobile phone or portable device of their choosing.

NTOP

NTOP

NTOP develop high-quality network traffic analysis and DDoS protection software used by small individuals as well by large telecom operators.

Proteus

Proteus

Proteus is an Information Security consulting firm specialized in Risk Analysis and Executive Control.

Vanbreda

Vanbreda

Vanbreda Risk & Benefits is the largest independent insurance broker and risk consultant in Belgium and the leading insurance partner in the Benelux.

SynerLeap

SynerLeap

SynerLeap is ABB's innovation growth hub. Our aim is to help startups accelerate and expand across industries, ranging from industrial automation and robotics to grid technologies and smart cities.

BlueRiSC

BlueRiSC

BlueRiSC invent cutting-edge system assurance solutions for the 21st century with novel software and hardware designs focusing on security technologies that can be game changing.

Exalens

Exalens

With deep roots in AI-driven cyber-physical security research and intrusion detection, at Exalens, we are enhancing operational resilience for cyber-physical systems at the OT edge.

Vali Cyber

Vali Cyber

Vali Cyber was founded in 2020 with the mission of addressing the specific cybersecurity needs of Linux.