EB JV Jared LLC PayPal Scam: Fake Coinbase Charge Alerts Are Tricking Victims
Written by: Thomas Orsolya
Published on:
A new PayPal-themed scam is targeting people with alarming payment notes that appear to come from “EB JV Jared LLC.” These messages claim a large Coinbase or PayPal-related charge is pending and tell the recipient to call a phone number for help.
The alert is fake. It is designed to scare people into calling a scam call center, where criminals pose as PayPal, Coinbase, or technical support agents and try to steal money, banking details, gift card codes, or remote access to the victim’s device.
Scam Overview
The EB JV Jared LLC PayPal scam is a fake payment alert scheme that abuses the trust people have in PayPal, Coinbase, and online transaction notifications. Instead of sending a normal phishing email with a suspicious link, scammers use a more psychological approach: they create a frightening payment note that looks like it may be connected to a real PayPal activity feed, receipt, invoice, transfer, or transaction screen.
The message usually claims that a large amount of money is being processed, pending, pre-funded, or charged. In the example currently circulating, the message says:
“Pre-fund confirmation: USD 987.90 is pending charge to Coinbase via PayPal. This small deposit is just used for the account activation check. For questions, Call-(888) 607-0685.”
Other versions may use similar wording and different phone numbers, including numbers such as 888-912-2470. The business name “EB JV Jared LLC” may appear at the top of the note, making it look like the transaction is tied to a company or merchant the victim does not recognize.
That confusion is intentional.
When someone sees a strange company name, a large amount like $987.90, and a reference to Coinbase or PayPal, the first reaction is usually fear. Many people immediately think their account has been hacked, a crypto wallet has been linked, or someone is about to drain money from their PayPal balance or bank account.
The scammers rely on that panic. Their goal is not necessarily to make you click a link. Their goal is to make you call the phone number in the message.
Once you call, the scam moves from a fake alert into a full fake tech support operation. The person on the phone may claim to be from PayPal support, Coinbase support, fraud prevention, account security, or a billing department. They may sound calm, professional, and convincing. They may tell you that the transaction can still be stopped, but only if you act quickly.
From there, the scam can take several dangerous directions.
The caller may be told their device is infected, their PayPal account has been compromised, or their bank is connected to unauthorized transactions. The scammer may ask them to install remote access software such as AnyDesk, TeamViewer, UltraViewer, or a similar tool. They may claim this is needed to “cancel the transaction,” “secure the account,” “issue a refund,” or “remove hackers.”
That is where the real danger begins.
Once remote access is granted, scammers can see the victim’s screen, guide them into logging into online banking, pressure them into revealing personal information, or manipulate what appears on the screen. In some cases, scammers use fake refund forms, altered bank pages, or screen blackout tools to make the victim believe a mistake has occurred and that money must be returned.
Another common tactic is the gift card demand. The scammer may claim that the only way to reverse the pending charge, verify the account, or fix a refund error is to buy gift cards from stores like Apple, Google Play, Target, Walmart, Best Buy, or Steam. The victim is then pressured to read the codes over the phone.
Once those codes are shared, the money is usually gone.
The scam is especially effective because it combines several high-pressure elements:
A recognizable payment brand, such as PayPal
A large unexpected amount, such as $987.90
A crypto-related reference, such as Coinbase
A strange merchant name, such as EB JV Jared LLC
A phone number that appears to offer quick help
Urgent language suggesting the payment is pending
A fake support agent who claims the account is at risk
This is not a real PayPal security process. PayPal does not ask users to call random phone numbers placed inside payment notes to stop suspicious transactions. PayPal also does not ask customers to install remote access software, buy gift cards, or move money to “safe” accounts.
The EB JV Jared LLC PayPal scam is best understood as a refund and tech support scam disguised as a payment alert.
The message is only the bait. The phone call is where the theft happens.
How The Scam Works
1. The Victim Receives a Strange PayPal-Style Payment Note
The scam usually begins with a message that looks like a PayPal note, invoice, transaction alert, or payment-related notification. It may appear to reference a merchant named “EB JV Jared LLC” and include a warning about a Coinbase charge through PayPal.
The wording often looks something like this:
“Pre-fund confirmation: USD 987.90 is pending charge to Coinbase via PayPal. This small deposit is just used for the account activation check. For questions, Call-(888) 607-0685.”
Some versions may say “money received,” “transaction details,” “pre-fund confirmation,” “pending charge,” or “account activation check.” These phrases are chosen to sound financial and official, even though the wording is awkward.
The message may also include a transaction date, a business name, and a customer support number. These details make the scam look more believable at first glance.
The victim may not recognize EB JV Jared LLC. That is part of the trap. A strange company name makes the payment feel unauthorized, which increases the victim’s urge to act immediately.
2. The Message Creates Panic Around PayPal and Coinbase
The scammers use PayPal and Coinbase because both are associated with money movement. PayPal is widely used for online payments, while Coinbase is connected to cryptocurrency. When the two are mentioned together, many people assume the situation is serious.
A victim may think:
“Did someone link my PayPal to Coinbase?”
“Is a crypto purchase being made in my name?”
“Will $987.90 be taken from my bank account?”
“Has someone hacked my PayPal?”
“Do I need to call before the payment goes through?”
This emotional reaction is exactly what the scam is designed to produce.
The message may say the charge is “pending,” which makes the victim believe there is still time to stop it. That creates urgency. The scammer wants the victim to call before they think carefully, check their real PayPal account, or search for the official PayPal support page.
3. The Fake Support Number Becomes the Main Trap
The phone number in the message is not PayPal. It is not Coinbase. It leads to scammers.
Numbers such as 888-607-0685 or 888-912-2470 may be used in these fake alerts, but scammers can change numbers quickly. The exact number may vary from one message to another.
When the victim calls, the scammer usually answers in a professional tone. They may say they are from PayPal billing, PayPal fraud prevention, Coinbase security, or a third-party account verification team.
The scammer’s job is to keep the victim on the phone and build trust. They may ask basic questions first, such as:
Did you authorize this transaction?
Are you trying to purchase cryptocurrency?
Do you recognize EB JV Jared LLC?
Are you using PayPal on a phone or computer?
Is your bank account connected to PayPal?
These questions are designed to make the call feel legitimate. They also help the scammer identify how much money the victim may have access to.
4. The Scammer Claims the Account Is Hacked or Compromised
After the victim explains they did not authorize the payment, the scammer usually escalates the situation.
They may claim that:
The victim’s PayPal account has been hacked
A Coinbase wallet has been linked without permission
Several suspicious transactions are pending
The victim’s device is infected with malware
Hackers are watching the account
The bank account linked to PayPal is at risk
The transaction can only be stopped through a “secure process”
This is fake. The scammer is creating a crisis to gain control.
The more frightened the victim becomes, the easier it is for the scammer to push risky instructions. The scammer may repeatedly warn the victim not to hang up, not to contact their bank yet, or not to log out of the account.
Those instructions are red flags.
Real PayPal support will not pressure you to stay on the phone with a random number from a suspicious transaction note. They will not tell you to hide the issue from your bank. They will not ask you to give them control of your computer or phone.
5. The Victim Is Asked to Install Remote Access Software
One of the most dangerous parts of the EB JV Jared LLC PayPal scam is the remote access request.
The fake support agent may ask the victim to install software such as:
AnyDesk
TeamViewer
UltraViewer
Supremo
Zoho Assist
ScreenConnect
RemotePC
The scammer may say the software is needed to verify the transaction, remove a hacker, process a refund, or cancel the pending Coinbase charge.
This is never safe in this context.
Remote access software allows another person to view or control your device. If a scammer gains access, they may watch you type passwords, access email accounts, open banking pages, change settings, download files, or guide you into revealing sensitive information.
Some scammers may ask the victim to log into PayPal, online banking, email, or a crypto account while remote access is active. That can expose passwords, security codes, account balances, transaction history, and personal details.
Even if the scammer says they cannot see your password, assume they can see enough to harm you.
6. The Fake Refund Trick May Be Used
Many PayPal phone scams use a refund manipulation technique.
The scammer may claim they are reversing the $987.90 transaction. They then ask the victim to fill out a refund form while screen sharing is active. In some cases, they may manipulate the screen or use browser tools to make it look as if too much money was refunded.
For example, the scammer may claim:
“We accidentally refunded $9,879 instead of $987.90.”
“The money came from our company account.”
“You need to return the extra amount immediately.”
“If you do not fix this, I will lose my job.”
“You must send back the difference today.”
This is all staged.
No real money was accidentally refunded. The scammer is using fear, confusion, and guilt to pressure the victim into sending money.
They may ask for a bank transfer, wire transfer, cryptocurrency payment, payment app transfer, or gift card codes. Gift cards are especially common because they are fast, hard to reverse, and easy for criminals to resell.
7. The Gift Card Demand Appears
If the scam reaches this stage, the victim may be instructed to buy gift cards. The scammer may tell them exactly which store to visit, how much to buy, and what to say if the cashier asks questions.
They may ask for cards from:
Apple
Google Play
Target
Walmart
Best Buy
Steam
eBay
Visa or Mastercard prepaid cards
The scammer may keep the victim on the phone while they drive to the store. They may tell them not to mention PayPal, Coinbase, or the phone call. They may claim the gift cards are needed for verification, account locking, refund correction, or fraud protection.
No legitimate company uses gift cards to fix a PayPal payment problem.
Once the victim reads the card numbers and PINs, the scammer can drain the value quickly. Recovering that money is difficult, but victims should still report it immediately.
8. The Scammer May Try to Steal Banking Information
Some scammers use the fake PayPal alert as a path into the victim’s bank account.
They may ask the victim to log into online banking so they can “verify whether the pending charge affected your bank.” They may also ask for the bank name, balance, recent transactions, debit card details, or one-time security codes.
This can lead to direct financial theft.
A scammer with remote access and banking visibility may attempt transfers, create new payees, change contact information, or trick the victim into approving a transaction. They may also collect enough information for future identity theft attempts.
Never log into your bank account while a stranger has remote access to your device.
9. The Scammer Tries to Keep the Victim Isolated
A common tactic in these scams is isolation. The fake support agent may tell the victim:
Do not hang up.
Do not call your bank.
Do not tell anyone nearby.
Do not search online.
Do not visit a PayPal branch or office.
Do not speak with store employees about why you need gift cards.
This is done because outside advice can break the scam. A family member, cashier, bank employee, or real PayPal support representative may recognize the fraud immediately.
If someone on the phone tells you to keep a financial issue secret, treat it as a major warning sign.
10. The Scam May Continue After the First Payment
Unfortunately, scammers often come back after a victim pays once.
They may claim the first payment did not work, another transaction is pending, the refund failed, or the victim must pay a “security fee” to unlock their account. They may also transfer the victim to another fake department, such as a “senior technician,” “fraud manager,” or “banking supervisor.”
In some cases, victims are contacted again days later by someone pretending to help recover the money. This is known as a recovery scam. The second scammer may claim they can get the money back for a fee, but that is another trap.
Once scammers know someone is willing to pay, they may keep trying.
What To Do If You Have Fallen Victim to This Scam
If you called the number, installed remote access software, shared information, bought gift cards, or sent money, act quickly. Do not panic. The right steps can reduce the damage.
1. Disconnect From the Scammer Immediately
Hang up the phone. Do not continue the conversation, even if the caller sounds threatening or says your account will be locked.
If remote access software is still open, disconnect your internet connection first. Turn off WiFi, unplug the Ethernet cable, or put the device in airplane mode.
Then close the remote access app. If you are unsure whether it is still active, shut down the device.
2. Remove Remote Access Software
Uninstall any remote access tools the scammer asked you to install. Look for apps such as AnyDesk, TeamViewer, UltraViewer, Supremo, or similar programs.
If you are not comfortable doing this yourself, ask a trusted technician to inspect the device. Tell them clearly that a scammer had remote access.
Do not keep using the device for banking until you are confident it is secure.
3. Change Important Passwords From a Safe Device
Use a different device that the scammer never accessed. Change passwords for:
PayPal
Coinbase
Online banking
Email accounts
Apple ID or Google account
Payment apps
Shopping accounts with saved cards
Password manager accounts
Start with your email account because it can be used to reset other passwords.
Use strong, unique passwords. Do not reuse old passwords.
4. Turn On Two-Factor Authentication
Enable two-factor authentication on your PayPal, email, bank, and crypto accounts. Use an authenticator app when possible.
If you already had two-factor authentication enabled and shared a code with the scammer, contact the affected company immediately. One-time codes should never be given to anyone who calls you.
5. Contact PayPal Through Official Channels
Do not call the number from the suspicious message.
Log in directly at PayPal’s official website or app and check your activity. Look for unauthorized payments, invoices, money requests, linked cards, linked banks, or account changes.
If you see anything suspicious, report it through PayPal’s Resolution Center or official support options.
If there is no matching transaction in your real PayPal account, that is another sign the EB JV Jared LLC message was only bait.
6. Contact Your Bank or Card Issuer
Call the number on the back of your bank card or use the official banking app. Tell them you may have been targeted by a fake PayPal support scam.
Ask them to check for unauthorized transactions, pending transfers, new payees, card activity, and account changes.
If you shared card details, banking login information, or allowed remote access while logged into your bank, ask the bank whether your card or online banking credentials should be replaced.
7. Report Gift Card Payments Immediately
If you bought gift cards and gave the codes to the scammer, contact the gift card issuer right away. Provide the card numbers, receipts, purchase time, and store location.
The money may already be gone, but fast reporting gives you the best chance of freezing unused funds.
Also keep all receipts and screenshots. They may help with reports and investigations.
8. Report the Scam
Report the incident to the appropriate authorities and platforms. Useful places include:
PayPal’s official fraud reporting channels
Coinbase support, if your Coinbase account was involved
Your bank or card issuer
The gift card company, if gift cards were used
The FTC at ReportFraud.ftc.gov
The FBI Internet Crime Complaint Center at IC3.gov, if you are in the United States
Your local cybercrime or consumer protection authority
Include the scam phone numbers, such as 888-607-0685 or 888-912-2470, if they appeared in your message.
9. Watch for Follow-Up Scams
After one scam attempt, you may receive more calls, texts, or emails. Scammers may pretend to be:
PayPal recovery agents
Coinbase fraud investigators
Bank security staff
Government refund departments
Law enforcement
Hackers demanding payment
Companies promising to recover stolen funds
Be careful. Real organizations do not ask for gift cards, remote access, crypto transfers, or upfront recovery fees.
10. Warn Family Members Who May Be at Risk
This scam can affect anyone, but older adults and less technical users are often heavily targeted by fake support call centers.
Share the warning with family members. Tell them not to call phone numbers inside suspicious PayPal notes, invoices, or payment messages.
A simple warning can prevent a major loss.
Is Your Device Infected? Scan for Malware
If your computer or phone is slow, showing unwanted pop-ups, or acting strangely, malware could be the cause. Running a scan with Malwarebytes Anti-Malware Free is one of the most reliable ways to detect and remove harmful software. The free version can identify and clean common infections such as adware, browser hijackers, trojans, and other unwanted programs.
Malwarebytes works on Windows, Mac, and Android devices. Choose your operating system below and follow the steps to scan your device and remove any malware that might be slowing it down.
Malwarebytes for WindowsMalwarebytes for MacMalwarebytes for Android
Run a Malware Scan with Malwarebytes for Windows
Malwarebytes stands out as one of the leading and widely-used anti-malware solutions for Windows, and for good reason. It effectively eradicates various types of malware that other programs often overlook, all at no cost to you. When it comes to disinfecting an infected device, Malwarebytes has consistently been a free and indispensable tool in the battle against malware. We highly recommend it for maintaining a clean and secure system.
Download Malwarebytes
Download the latest version of Malwarebytes for Windows using the official link below. Malwarebytes will scan your computer and remove adware, browser hijackers, and other malicious software for free.
(The above link will open a new page from where you can download Malwarebytes)
Install Malwarebytes
After the download is complete, locate the MBSetup file, typically found in your Downloads folder. Double-click on the MBSetup file to begin the installation of Malwarebytes on your computer. If a User Account Control pop-up appears, click “Yes” to continue the Malwarebytes installation.
Follow the On-Screen Prompts to Install Malwarebytes
When the Malwarebytes installation begins, the setup wizard will guide you through the process.
You’ll first be prompted to choose the type of computer you’re installing the program on—select either “Personal Computer” or “Work Computer” as appropriate, then click on Next.
Malwarebytes will now begin the installation process on your device.
When the Malwarebytes installation is complete, the program will automatically open to the “Welcome to Malwarebytes” screen.
On the final screen, simply click on the Open Malwarebytes option to start the program.
Enable “Rootkit scanning”.
Malwarebytes Anti-Malware will now start, and you will see the main screen as shown below. To maximize Malwarebytes’ ability to detect malware and unwanted programs, we need to enable rootkit scanning. Click on the “Settings” gear icon located on the left of the screen to access the general settings section.
In the settings menu, enable the “Scan for rootkits” option by clicking the toggle switch until it turns blue.
Now that you have enabled rootkit scanning, click on the “Dashboard” button in the left pane to get back to the main screen.
Perform a Scan with Malwarebytes.
To start a scan, click the Scan button. Malwarebytes will automatically update its antivirus database and begin scanning your computer for malicious programs.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check the status of the scan to see when it is finished.
Quarantine detected malware
Once the Malwarebytes scan is complete, it will display a list of detected malware, adware, and potentially unwanted programs. To effectively remove these threats, click the “Quarantine” button.
Malwarebytes will now delete all of the files and registry keys and add them to the program’s quarantine.
Restart your computer.
When removing files, Malwarebytes may require a reboot to fully eliminate some threats. If you see a message indicating that a reboot is needed, please allow it. Once your computer has restarted and you are logged back in, you can continue with the remaining steps.
Once the scan completes, remove all detected threats. Your Windows computer should now be clean and running smoothly again, free of trojans, adware, and other malware.
If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future. If you are still having problems with your computer after completing these instructions, then please follow one of the steps:
Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Mac.
You can download Malwarebytes for Mac by clicking the link below.
When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.
When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.
Select “Personal Computer” or “Work Computer”.
The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
Click on “Scan”.
To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
Wait for the Malwarebytes scan to complete.
Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
After scanning, delete any detected threats. Your Mac should now be free from adware, unwanted extensions, and other potentially harmful software.
If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future. If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.
Run a Malware Scan with Malwarebytes for Android
Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.
Download Malwarebytes for Android.
You can download Malwarebytes for Android by clicking the link below.
In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.
When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process
When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options. This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue. Tap on “Got it” to proceed to the next step. Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue. Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android
You will now be prompted to update the Malwarebytes database and run a full system scan.
Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.
Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
When the scan is finished, remove all detected threats. Your Android phone should now be free of malicious apps, adware, and unwanted browser redirects.
If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future. If you are still having problems with your phone after completing these instructions, then please follow one of the steps:
Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
After cleaning your device, it’s important to protect it from future infections and annoying pop-ups. We recommend installing an ad blocker such as AdGuard. AdGuard blocks malicious ads, prevents phishing attempts, and stops dangerous redirects, helping you stay safe while browsing online.
The Bottom Line
The EB JV Jared LLC PayPal scam is not a real PayPal charge, Coinbase payment, or account activation check. It is a fake alert designed to push victims into calling fraudulent support numbers such as 888-607-0685 or 888-912-2470.
Once on the phone, scammers may claim your device is hacked, ask you to install remote access software, pressure you to log into banking, or demand gift cards to “fix” the problem.
Do not call the number in the message. Do not install AnyDesk or similar apps for someone claiming to be PayPal support. Do not send gift card codes, crypto, or bank transfers.
If you receive a message from “EB JV Jared LLC” claiming a PayPal or Coinbase charge is pending, check your PayPal account only through the official app or website. If the transaction is not there, treat the message as a scam and report it.
FAQ About the EB JV Jared LLC PayPal Scam
What is the EB JV Jared LLC PayPal scam?
The EB JV Jared LLC PayPal scam is a fake payment alert scheme that claims a large PayPal or Coinbase-related charge is pending. The message urges victims to call a fake support number, where scammers try to steal money, banking details, gift card codes, or remote access to the victim’s device.
Is EB JV Jared LLC really charging my PayPal account?
In most cases, no. The message is usually designed to scare you into calling the phone number shown in the note. Check your PayPal activity only through the official PayPal app or website. Do not call the number inside the suspicious message.
Why does the message mention Coinbase via PayPal?
Scammers mention Coinbase because cryptocurrency-related payments sound urgent and serious. The goal is to make victims believe someone linked their PayPal account to a crypto wallet or started an unauthorized crypto purchase.
Should I call 888-607-0685 or 888-912-2470?
No. These numbers are associated with the scam message and should not be trusted. Calling them may connect you to fake tech support agents who may try to get remote access to your device or pressure you into sending money.
What happens if I call the fake PayPal support number?
The scammer may claim your account was hacked, your device is infected, or a payment must be canceled immediately. They may ask you to install AnyDesk, TeamViewer, or similar remote access software. They may also ask for banking details, security codes, gift cards, or crypto payments.
Is this a real PayPal security alert?
No. PayPal does not ask users to call random phone numbers placed inside payment notes. PayPal also does not ask customers to buy gift cards, install remote access software, or give control of their computer to cancel a transaction.
What should I do if I installed AnyDesk or another remote access app?
Disconnect from the internet, close the app, and uninstall it. Then change important passwords from a different, safe device. Contact your bank, PayPal, and any affected accounts if you logged in while the scammer had access.
What if I gave the scammer gift card codes?
Contact the gift card company immediately and provide the card numbers, receipts, and purchase details. The money may be difficult to recover, but fast reporting can sometimes help freeze unused funds.
What if I gave the scammer my bank information?
Call your bank using the official number on your card or banking app. Explain that you were targeted by a fake PayPal support scam. Ask them to check for unauthorized activity, block suspicious transfers, and replace compromised cards or credentials if needed.
How can I avoid PayPal phone scams like this?
Never trust phone numbers inside suspicious payment notes, invoices, or emails. Log in directly to PayPal through the official app or website. If a transaction does not appear there, the message is likely fake. Never install remote access software for someone who contacts you about a payment problem.
10 Rules to Avoid Online Scams
Here are 10 practical safety rules to help you avoid malware, online shopping scams, crypto scams, and other online fraud. Each tip includes a quick “if you already got hit” action.
Stop and verify before you click, log in, download, or pay.
Most scams win by creating urgency. Verify using a trusted method: type the website address yourself, use the official app, or call a known number (not the one in the message).
If you already clicked: close the page, do not enter passwords, and run a malware scan.
Keep your operating system, browser, and apps updated.
Updates patch security holes used by malware and malicious ads. Turn on automatic updates where possible.
If you saw a scary “update now” pop-up: close it and update only through your device settings or the official app store.
Use layered protection: antivirus plus an ad blocker.
Antivirus helps block malware. An ad blocker reduces scam redirects, phishing pages, and malvertising.
If your browser is acting weird: remove unknown extensions, reset the browser, then run a full scan.
Install apps, software, and extensions only from official sources.
Avoid cracked software, “keygens,” and random downloads. During installs, choose Custom/Advanced and decline bundled offers you do not recognize.
If you already installed something suspicious: uninstall it, restart, and scan again.
Treat links and attachments as untrusted by default.
Phishing often impersonates delivery services, banks, and popular brands. If it is unexpected, do not open attachments or log in through the message.
If you entered credentials: change the password immediately and enable 2FA.
Shop safely: research the store, then pay with protection.
Be cautious with brand-new stores, “closing sale” stories, and prices that make no sense. Prefer credit cards or PayPal for dispute options. Avoid wire transfers, gift cards, and crypto payments.
If you already paid: contact your card issuer or PayPal quickly to dispute the transaction.
Crypto rule: never pay a “fee” to withdraw or recover money.
Common patterns include fake profits, then “tax,” “gas,” or “verification” fees. Another is a “recovery agent” who demands upfront crypto.
If you already sent crypto: stop paying, save evidence (wallet addresses, TXIDs, chats), and report the scam to the platform used.
Secure your accounts with unique passwords and 2FA (start with email).
Use a password manager and unique passwords for every account. Enable 2FA using an authenticator app when possible.
If you suspect an account takeover: change passwords, sign out of all devices, and review recent logins and recovery settings.
Back up important files and keep one backup offline.
Backups protect you from ransomware and device failure. Keep at least one backup on an external drive that is not always connected.
If you suspect infection: do not connect backup drives until the system is clean.
If you think you are a victim: stop losses, document evidence, and escalate fast.
Move quickly. Speed matters for disputes, account recovery, and limiting damage.
Stop payments and contact: do not send more money or respond to the scammer.
Call your bank or card issuer: block transactions, replace the card if needed, and start a dispute or chargeback.
Secure your email first: change the email password, enable 2FA, and remove unfamiliar recovery options.
Secure other accounts: change passwords, enable 2FA, and log out of all sessions.
Scan your device: remove suspicious apps or extensions, then run a full malware scan.
Save evidence: screenshots, emails, order pages, tracking pages, wallet addresses, TXIDs, and chat logs.
Report it: to the payment provider, marketplace, social platform, exchange, or wallet service involved.
These rules are intentionally simple. Most online losses happen when decisions are rushed. Slow down, verify independently, and use payment methods and account controls that give you recourse.
Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.
