How do I spot a fake PayPal email?
Fake PayPal emails mimic payment notifications or security alerts to steal your login — check that the sender is @paypal.com and log in directly rather than through any link.
Last reviewed: 10 June 2026
Explanation
PayPal is one of the most impersonated brands in phishing email campaigns. The platform's universal use makes the impersonation plausible to a wide audience. Fraudulent PayPal emails typically claim a payment was sent to you and you need to log in to accept it, that unusual activity was detected and your account is limited, or that a payment was made from your account and you should click to dispute it.
A payment-notification phish is particularly effective in a commercial context: if you sell things online you are expecting payment notifications, so a convincing PayPal email in your inbox prompts immediate action. The link goes to a fake PayPal login page that captures your email and password.
PayPal's real emails always address you by your full name as registered — not 'Dear Customer' or 'Dear PayPal User'. The sender domain is always @paypal.com, never @paypal-security.com, @my-paypal.com, or similar. Any link in a genuine PayPal email goes to paypal.com — hover over any link before clicking to see the destination.
For business sellers, fraudsters also send fake 'payment received' emails that mimic PayPal but ask you to ship the goods before the money clears. Always log in to your actual PayPal account to verify any payment before shipping.
Common red flags
- Email addresses you as 'Dear Customer' rather than your name
- Sender domain is not @paypal.com
- Link in the email goes to any domain other than paypal.com
- Email claims you received a payment you were not expecting
- Urgency about account suspension or limited access
- Asks you to provide card details or bank account to 'restore' your account
What to do now
- Do not click any link in the email
- Open PayPal in a new tab by typing paypal.com
- Check your balance and notifications there directly
- Forward the suspicious email to [email protected]
- Delete the email after reporting it
- If you entered your credentials, change your PayPal password immediately and check linked payment methods
Frequently asked questions
What if I got an email saying I received a large unexpected payment?
This is a common seller scam. Log in to paypal.com directly. If the money is not genuinely in your balance, the email is fake. Never ship goods based on an email alone.
Does PayPal reimburse phishing victims?
PayPal's Purchase Protection covers buyers for items not received or significantly not as described. Phishing losses are not automatically covered but report the fraud to them anyway.
Can I report the phishing email to PayPal?
Yes. Forward the email to [email protected]. PayPal investigates these and takes action against abusive domains.