PayPal Coinbase Crypto Scam Using Fake Invoice and Support Numbers

Photo of author

Written by: Thomas Orsolya

Published on:

Scammers are becoming increasingly sophisticated in their efforts to steal money and personal information from unsuspecting victims. One scam that has been circulating recently involves emails and text messages that appear to come from PayPal regarding a fake Coinbase transaction. This detailed guide will provide an overview of how the scam works, advice for those who may have fallen victim, and key takeaways to help you avoid becoming a target.

Coinbase SCam

Overview of the Coinbase PayPal Scam

The emails and text messages used in this scam are specifically designed to look like legitimate correspondence from PayPal. The messages reference a supposed Coinbase order totaling several hundred dollars for a cryptocurrency purchase.

The senders exploit the name recognition and trustworthiness associated with leading brands like PayPal and Coinbase to make the messages appear authentic. However, upon closer inspection, subtle inconsistencies reveal their fraudulent nature.

Anatomy of the Scam Message

The scam messages share similarities in structure and content to strengthen their guise. They will:

  • Use the PayPal logo and branding
  • Include a customer service number
  • List a transaction date close to the current date
  • Show an order total usually between $500-$1000
  • Provide fake order and reference numbers
  • State that the order can be canceled within 24 hours
  • Supply a fraudulent customer support phone number
  • Use official-sounding job titles like “Payment System Provider”

Here is an example:

Subject: You paid invoice for order no. 805091

PayPal

Reference no: QZE_0356342718430

Thank you for your order  

Dear,

We are proud to be your favourite payment system provider and we really appreciate your transaction with us.  

Please find the order details below. Also, the order can be cancelled or modified within 24 hours of the transaction.

Reach out to us on (+1 803) 882-0370 in case you change your mind.

Order confirmation #66B4-F09B-AB9C

Seller: Coinbase Global, Inc.   

Purchased Item: Solana (SOL)

Delivery + Handling: Free

Total Payment: $805.38

Shipping details  

Customer:  

Email:

Wallet Id: 81e35c0a-039f-492d-a6f9-08b6d0f8ddec

If you have any questions, please contact us at  

(+1 803) 882-0370 .

As you can see, the scam message mirrors the tone and terminology of a legitimate PayPal transaction confirmation. But a closer look reveals inconsistencies that signal fraud.

Red Flags: Subtle Signals that Indicate a Scam

While cleverly disguised, a thorough review can identify multiple red flags that reveal the message’s deceitful intentions:

  • Sender email address: The messages come from non-PayPal or Coinbase email addresses. They often try to mimic legitimate addresses with subtle misspellings.
  • Requests immediate action: Scam messages urge recipients to call provided phone numbers urgently to cancel erroneous orders and recoup losses. This panic-inducing call-to-action distracts targets from uncovering the scam.
  • Asks for gift cards or remote access: Fraudsters want victims to buy gift cards or provide remote access to their devices under the guise of providing refunds or support. This allows them to steal personal data and money.
  • Grammatical/spelling errors: Messages contain various spelling, grammar, and formatting inconsistencies that reveal English is not the sender’s first language, contradicting PayPal’s professional corporate image.
  • Threatens account suspension: Scammers threaten to suspend accounts to frighten recipients into calling them to avoid losses and reputational harm associated with an account cancellation.

By recognizing these common features of scam correspondence, individuals can better detect and avoid becoming unsuspecting victims.

How the PayPal Coinbase Scam Works to Steal Money

The PayPal Coinbase scam leverages the credibility of leading financial platforms to trick targets and ultimately steal personal information and funds. Reviewing how it operates step-by-step reveals the sinister intentions underlying the scheme:

Step 1: Send Fraudulent Notification Emails or Texts

Criminals distribute mass emails or SMS messages informing recipients of an unauthorized cryptocurrency purchase from Coinbase. The messages mirror PayPal order confirmations but contain inconsistencies exposing their illegitimate origins.

Step 2: Urge Recipients to Call the Provided “Support” Number

Messages instruct recipients to call the included customer support number urgently to cancel the bogus orders and prevent account suspension. This establishes contact between targets and fraudsters.

Step 3: Fake Support Agents Redirect Victims to Fake Websites

Callers speak to “support agents” at fake support centers who gain their trust. Agents then send email or text links redirecting victims to fake PayPal and Coinbase login portals to allegedly process refunds.

Step 4: Steal Login Credentials and Personal Information

Victims attempting to log in to the fake sites are prompted to enter their PayPal, Coinbase, or other account usernames and passwords. Scammers steal this confidential data to take over accounts.

Step 5: Demand Remote Access to Devices

Support scammers next convince victims to install remote access software like Anydesk by claiming they need to diagnose security threats. Once granted access, they can steal files, implant malware, access financial accounts, and cause further harm.

Step 6: Pressure Victims to Buy Gift Cards for Payment

Finally, fraudsters pressure victims into purchasing gift cards from various merchants to allegedly process refunds. They demand photos of the redemption codes which they quickly drain of funds and launder for profit.

By recognizing the step-by-step sequence, individuals can identify warning signs they may be caught in this scam’s intricate web.

What To Do If You Fall Victim to the PayPal Coinbase Scam

Despite its growing sophistication, many still succumb to this scam, losing precious funds and personal data. If you discover you’ve fallen prey, remain calm and take the following recommended steps right away:

Step 1: Contact Relevant Institutions Immediately

If you shared financial account details, passwords, or remote access, immediately call those institutions to lock your accounts, reset login credentials, and monitor for fraudulent activity. This limits criminal access gained through the scam.

Step 2: Report the Scam Activity to Appropriate Authorities

Contact essential enforcement and fraud reporting agencies about your experience. Reporting scams helps authorities piece together information to catch criminals and prevent further victimization.

  • File complaints with the Federal Trade Commission (FTC) and Internet Crime Complaint Center (IC3).
  • Contact your local police and state attorney general to report as well. Providing documentation of your experience aids investigations.

Step 3: Notify Retailers If You Bought Gift Cards Under Scam Pressure

If coerced into purchasing gift cards, report it quickly to the retailer. Supply gift card numbers, redemption details, transaction records, and scam specifics. This can fast-track refund or replacement procedures.

Step 4: Carefully Monitor All Accounts Linked to Breached Credentials

Even after getting compromised credentials reset, scammers can still access linked accounts. Rigorously monitor transaction histories and statements across all associated accounts for fraudulent activity. Report any unauthorized activity immediately.

Step 5: Scan Devices Used to Connect with Scammers for Malware

If you downloaded software or clicked any links from scammers, scan devices with security software for malicious programs that jeopardize data. A clean machine ensures criminals have fewer backdoor access routes for future infiltration.

Falling victim to online criminal schemes can be extremely unsettling and financially damaging. But taking swift action lessens ongoing risks and aids recovery.

PayPal Coinbase Scam FAQs: Answers to Common Questions

This frequently asked questions guide covers the most common issues victims and potential targets have regarding the “Coinbase PayPal scam”:

Is This PayPal Message About a Coinbase Order Legitimate?

No. The PayPal emails and SMS messages informing you of a supposed Coinbase cryptocurrency purchase using your PayPal account are scams attempting to steal your money and information. They did not originate from PayPal despite appearing so.

Scammers send messages instructing you to urgently call or visit provided customer support links. This allows them to gain remote access to your device and accounts. From there, they steal your private data and money.

What are Common Characteristics of This PayPal Coinbase Crypto Scam?

Red flags revealing the messages’ fraudulent nature include:

  • Sender email/number not actually associated with PayPal or Coinbase
  • Urgent calls-for-action demanding you immediately call support numbers regarding erroneous charges
  • Poor grammar/spelling contradicting PayPal’s professional image
  • Account suspension threats frightening targets into contacting scammers to allegedly rectify issues
  • Requests for remote access so scammers can steal files and compromise accounts
  • Orders for gift card purchases to allegedly process your “reimbursement”

Was My PayPal Account Compromised?

If you provided your PayPal login credentials on fake account portals sent by scammers, then yes, consider your account compromised.

Criminals can now access your information, initiate transfers, and steal funds. Immediately contact PayPal customer service to lock the account and reset your password.

Closely monitor bank/card statements linked to PayPal for unauthorized charges indicating misuse post-breach. Report suspicious charges to financial institutions right away.

What Steps Should I Take If I Fell Victim?

Firstly, remain calm. Falling victim to online criminal operations can be extremely unsettling. But promptly taking defensive actions limits ongoing risks. Critical next steps include:

  • Contacting all relevant institutions (banks, retailers, PayPal, Coinbase, etc.) regarding compromised login credentials, unauthorized transactions, and gift card purchases
  • Resetting account passwords and enabling added security protocols like two-factor authentication wherever possible to restrict post-breach access
  • Filing detailed complaints with enforcement agencies (FTC, IC3, state attorney general) regarding your experience to aid fraud investigations
  • Scanning devices used during scam interactions for potential malware implanted by fraudsters attempting persistent account system infiltration

How Do I Report This Scam Activity to Help Authorities?

Reporting this scam is crucial to help authorities piece together information to catch criminals and prevent further victimization.

  • File detailed fraud reports with the FTC and FBI IC3
  • Submit scam specifics to your local police station and state attorney general
  • Contact retailers if forced to buy gift cards, providing them with applicable card details and transaction records

Thorough documentation aids law enforcement in assembling evidence to prosecute fraudsters exploiting PayPal and Coinbase’s trusted reputations.

By immediately recognizing common scam characteristics, recipients avoid being manipulated into relinquishing money or data. Carefully inspecting message details and urgently contacting various reporting channels instead facilitates offender prosecution and consumer protection.

The Bottom Line: Key Takeaways to Avoid the PayPal Coinbase Crypto Scam

This pervasive scam exploits trusted brands and urgency to trick targets and steal precious money and information. Based on patterns observed from this scam, incorporating the following defensive strategies will help individuals identify and respond appropriately to attempted fraud:

  • Carefully inspect messages for grammatical errors, urgent calls-to-action, threat of account suspension, and inconsistencies revealing fraudulent origins.
  • Never call, click links, or provide information to unverified parties who contact you unexpectedly online or via messages.
  • Refrain from installing software or allowing remote access at the direction of surprise contacts. This grants fraudsters entry into private data and accounts.
  • Rigorously monitor financial accounts and statements so unauthorized charges connected to breaches get flagged quickly before major losses.
  • Learn scam warning signs like requests for gift cards, threats for immediate action, and broken English errors. Recognize these red flags if contacted.
  • Report scam attempts immediately to financial institutions, retailers,

10 Rules to Avoid Online Scams

Here are 10 practical safety rules to help you avoid malware, online shopping scams, crypto scams, and other online fraud. Each tip includes a quick “if you already got hit” action.

  1. Stop and verify before you click, log in, download, or pay.

    warning sign

    Most scams win by creating urgency. Verify using a trusted method: type the website address yourself, use the official app, or call a known number (not the one in the message).

    If you already clicked: close the page, do not enter passwords, and run a malware scan.

  2. Keep your operating system, browser, and apps updated.

    updates guide

    Updates patch security holes used by malware and malicious ads. Turn on automatic updates where possible.

    If you saw a scary “update now” pop-up: close it and update only through your device settings or the official app store.

  3. Use layered protection: antivirus plus an ad blocker.

    shield guide

    Antivirus helps block malware. An ad blocker reduces scam redirects, phishing pages, and malvertising.

    If your browser is acting weird: remove unknown extensions, reset the browser, then run a full scan.

  4. Install apps, software, and extensions only from official sources.

    install guide

    Avoid cracked software, “keygens,” and random downloads. During installs, choose Custom/Advanced and decline bundled offers you do not recognize.

    If you already installed something suspicious: uninstall it, restart, and scan again.

  5. Treat links and attachments as untrusted by default.

    cursor sign

    Phishing often impersonates delivery services, banks, and popular brands. If it is unexpected, do not open attachments or log in through the message.

    If you entered credentials: change the password immediately and enable 2FA.

  6. Shop safely: research the store, then pay with protection.

    trojan horse

    Be cautious with brand-new stores, “closing sale” stories, and prices that make no sense. Prefer credit cards or PayPal for dispute options. Avoid wire transfers, gift cards, and crypto payments.

    If you already paid: contact your card issuer or PayPal quickly to dispute the transaction.

  7. Crypto rule: never pay a “fee” to withdraw or recover money.

    lock sign

    Common patterns include fake profits, then “tax,” “gas,” or “verification” fees. Another is a “recovery agent” who demands upfront crypto.

    If you already sent crypto: stop paying, save evidence (wallet addresses, TXIDs, chats), and report the scam to the platform used.

  8. Secure your accounts with unique passwords and 2FA (start with email).

    lock sign

    Use a password manager and unique passwords for every account. Enable 2FA using an authenticator app when possible.

    If you suspect an account takeover: change passwords, sign out of all devices, and review recent logins and recovery settings.

  9. Back up important files and keep one backup offline.

    backup sign

    Backups protect you from ransomware and device failure. Keep at least one backup on an external drive that is not always connected.

    If you suspect infection: do not connect backup drives until the system is clean.

  10. If you think you are a victim: stop losses, document evidence, and escalate fast.

    warning sign

    Move quickly. Speed matters for disputes, account recovery, and limiting damage.

    • Stop payments and contact: do not send more money or respond to the scammer.
    • Call your bank or card issuer: block transactions, replace the card if needed, and start a dispute or chargeback.
    • Secure your email first: change the email password, enable 2FA, and remove unfamiliar recovery options.
    • Secure other accounts: change passwords, enable 2FA, and log out of all sessions.
    • Scan your device: remove suspicious apps or extensions, then run a full malware scan.
    • Save evidence: screenshots, emails, order pages, tracking pages, wallet addresses, TXIDs, and chat logs.
    • Report it: to the payment provider, marketplace, social platform, exchange, or wallet service involved.

These rules are intentionally simple. Most online losses happen when decisions are rushed. Slow down, verify independently, and use payment methods and account controls that give you recourse.

Previous

Remove FoundryIntelligence Adware [Virus Removal Guide]

Next

Remove TrojanSpy:Win32/Banker.ARC!MTB [Virus Removal Guide]