Fake PayPal Emails Cost £8million In Theft

Uploaded on 2020-11-18 in GOVERNMENT-Law Enforcement, FREE TO VIEW

Action Fraud is warning people selling items online to be on the lookout for criminals sending fake PayPal emails. Between January 2020 and September 2020, 21,349 crime reports were made to Action Fraud about fake PayPal emails. Victims reported losing a total of £7,891,077 during this time. Those targeted included people selling jewelry, furniture and electronics via online marketplaces. 

Reports of fake PayPal emails to Action Fraud made up a third of all reports of online shopping and auction fraud during this period.

Criminals have been targeting people selling items online, by sending them emails purporting to be from PayPal. The emails trick victims into believing they have received payment for the items they’re selling on the platform. Typically, after receiving these emails, victims will then send the item to the criminal. This leaves them at a further disadvantage having not received any payment for the item and also no longer being in possession of it.

Pauline Smith, Head of Action Fraud said: 

“We know that criminals will go to great lengths to target people on online marketplaces, especially now many more people are selling items online due to the coronavirus pandemic....Criminals have taken advantage of the coronavirus outbreak to commit fraud and will continue to do so. We are working hard, together with our partners, such as PayPal, to raise awareness of the types of scams being committed and prevent people from falling victim." 

 “It’s really important to follow our advice to help protect yourself. If you receive a suspicious email claiming you’ve received payment for an item you’re selling, take five minutes to check directly with PayPal that the communication is genuine. If something feels wrong then always question it.”

Action Fraud issued a similar warning earlier this year, after it received 3,059 crime reports about fake PayPal emails between October 2019 and December 2019.

Victims reported losing a total of £1,121,446 during this time. Reports of fake PayPal emails to Action Fraud made up almost 18% of all reports of online shopping and auction fraud during this period.

In one instance, a victim received a fake email purporting to be from PayPal claiming the buyer accidently paid more than they should have.The buyer then asked the victim to pay the difference by sending a gift card to them loaded with the difference, which they did. In another case, the fake email from PayPal claimed the buyer had accidently paid for the item twice.The buyer then asked the seller to wire the overpayment to a bank account in a different country.

What Do You Need To Do?

  • Sellers beware: If you’re selling items on an online marketplace, be aware of the warning signs that your buyer is a scammer. Scammers may have negative feedback history, or may have recently set up a new account to avoid getting poor feedback. Don’t be persuaded into sending anything until you can verify you’ve received the payment.
     
  • Scam messages: Don’t click on the links or attachments in suspicious emails, and never respond to messages that ask for your personal or financial details.

If you think you’ve been a victim of fraud, report it to Action Fraud online at actionfraud.police.uk or by calling 0300 123 2040.

A spokesperson for PayPal, said:

“At PayPal we go to great lengths to protect our customers in the UK, but there are still a few simple precautions we should all take to avoid falling victim to scams... All communications from PayPal to account holders would be sent to the secure message centre within their PayPal account. You will have a secure message waiting if PayPal does need you to take any action... A genuine PayPal email will only ever address you by your full name, anything that starts differently should immediately raise your suspicions. Look out for spelling mistakes, which are a common tell-tale sign of a fraudulent message.”

If you think that you’ve received a suspicious email, you can forward it to PayPal, without changing the subject line. PayPal will let you know whether it is fraudulent or not

PayPal:       Action Fraud:          Gedling Eye:     South Wales Argus:       Birmingham Mail:   

You Might Also Read:

Online Shoppers Have Lost Over £16m To Lockdown Fraud:

 

« British National Cyber Security Guidance
Cyber Security For Home Working »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Silicom Denmark

Silicom Denmark

Silicom Denmark is a premier developer and supplier of FPGA-based interface cards for cyber-security, telecommss, financial trading and other sectors.

Advanced Software Products Group (ASPG)

Advanced Software Products Group (ASPG)

ASPG offers a wide range of innovative mainframe software solutions for Data Security, Access Management, System Management and CICS productivity.

Athena Dynamics

Athena Dynamics

Athena Dynamics focuses on Cyber Security, especially in Critical Information Infra-structure Protection and Enterprise IT Operation Management products and Services.

Wind River

Wind River

Wind River delivers the technology and expertise that enables the deployment of safe, secure, and reliable intelligent connected systems.

ThreatAdvice

ThreatAdvice

ThreatAdvice is a provider of cybersecurity education, awareness and threat intelligence.

OGiTiX

OGiTiX

OGiTiX Software AG is a German software manufacturer specializing in Identity and Access Management.

DataProtect

DataProtect

DataProtect is a specialized information security company providing consultancy, information management, integration and training services.

Sanderson Recruitment

Sanderson Recruitment

Sanderson is a recruitment company providing expert recruitment services in areas including Cyber & Information Security.

Irish National Accreditation Board (INAB)

Irish National Accreditation Board (INAB)

INAB is the national accreditation body for Ireland. The directory of members provides details of organisations offering certification services for ISO 27001.

THEC-Incubator

THEC-Incubator

THEC-Incubator program is designed for international and ambitious tech startups in the Netherlands. Areas of focus include Blockchain and Cyber Security.

Tyler Technologies

Tyler Technologies

Tyler Technologies is a leading provider of end-to-end information management solutions and services for local governments.

Corellium

Corellium

Corellium are dedicated to supporting our peers in the ARM community who seek to build more secure, performant, and accessible software and devices.

Bright Data

Bright Data

Bright Data Inc is the world’s #1 web data platform, enabling organizations to research, monitor, analyze data, and make better decisions.

Valeo Nertworks

Valeo Nertworks

Valeo Nertworks is a full-service Managed Security Service Provider (MSSP). We partner with organizations to remove the burden of technology so that they can focus on growing their business.

Cryptr

Cryptr

Cryptr provides plug and play authentication to manage all your authentication strategies in one place with just a few lines of code.

Metrodata Group

Metrodata Group

PT. Metrodata Electronics, known as Metrodata Group, is the leading information communication technology company in Indonesia.