PayPal $0.02 USD Scam EXPOSED: The Two-Cents Trap Explained
Written by: Thomas Orsolya
Published on:
A PayPal notification saying someone sent you $0.02 may look harmless. It is only two cents, so it does not feel like a serious financial threat.
That is exactly why scammers use it.
The PayPal $0.02 scam is a small-deposit scam where fraudsters send tiny payments to victims and attach alarming messages about pending charges, suspicious activity, account verification, refunds, or fake PayPal support. The payment amount is small, but the scam behind it can lead to stolen money, compromised accounts, and remote access fraud.
Scam Overview
The PayPal $0.02 scam is a deceptive fraud tactic that uses a tiny incoming PayPal payment as bait. Victims receive $0.02 from an unfamiliar person, fake company, or suspicious account. The transaction may appear inside their real PayPal activity, which makes the message feel more credible than a normal phishing email.
The scam does not depend on stealing the two cents. The $0.02 deposit is only a delivery method.
Scammers use the payment note or related notification to send a frightening message. The note may claim that a much larger charge is pending, that the victim’s account was used for a purchase, that a crypto transaction is about to process, or that suspicious activity was detected.
The message may also include a fake customer support phone number and tell the victim to call immediately if they did not authorize the transaction.
This is the real trap.
Once the victim calls the number, they are not speaking with PayPal. They are speaking with scammers pretending to be PayPal support, billing support, account security, Coinbase support, fraud prevention, or a refund department.
The scam usually follows a simple pattern:
A tiny $0.02 payment appears in PayPal.
The sender is unknown or looks like a fake company.
The transaction note includes an alarming warning.
The note may mention a large pending payment.
The victim is told to call a support number.
A fake agent claims the account is hacked or at risk.
The victim is pressured into installing remote access software, sharing information, or sending money.
The reason this scam works is that the payment appears in a real PayPal environment. Many people are used to ignoring random phishing emails, but a payment notification inside PayPal can feel different.
Victims may think:
“This is in my PayPal account, so it must be official.”
“Why would someone send me two cents?”
“Is someone testing my account?”
“Is a larger payment about to happen?”
“Do I need to cancel this immediately?”
Scammers rely on that confusion.
The $0.02 amount is carefully chosen. It is small enough to seem harmless, but unusual enough to attract attention. It also makes the scam feel less obvious than a fake invoice for hundreds of dollars.
Instead of immediately seeing a charge, the victim receives money. That reverses their expectations and lowers their guard.
The message attached to the payment may mention different scenarios. Some versions claim a payment to Coinbase, Bitcoin, or another crypto platform is pending. Others mention a purchase, subscription renewal, refund confirmation, pre-fund verification, account security review, or suspicious login.
Scammers may also use different sender names. The payment may appear to come from a random person, a fake company, a billing department, an account verification team, or a name designed to look official.
The sender name can change, but the warning signs remain the same.
The danger begins when the victim follows the instructions in the note. If they call the fake support number, scammers use live pressure to take control of the situation. They may sound professional, calm, and helpful. They may pretend to “look up” the case and confirm that a major problem exists.
Then they escalate.
The fake PayPal agent may claim that the victim’s account was hacked, that their device is infected, or that a large charge is about to go through. They may ask the victim to install remote access software such as AnyDesk, TeamViewer, UltraViewer, Zoho Assist, RustDesk, or similar tools.
This is one of the clearest signs of fraud.
PayPal does not need remote access to your phone or computer to review a transaction, reverse a payment, cancel a charge, or secure your account. If someone claiming to be PayPal asks you to install screen-sharing software, you should end the call immediately.
Once scammers have remote access, they may watch the victim log into PayPal, email, online banking, card accounts, or crypto wallets. They may see balances, passwords, security codes, recovery emails, and personal information. They may manipulate the victim into transferring money or approving payments.
Some versions of the PayPal $0.02 scam use the fake refund trick. The scammer pretends to issue a refund, then claims they accidentally refunded too much. They may show fake screens or alter numbers on a webpage to make the victim believe a refund error occurred. Then they pressure the victim to “return” the extra money through gift cards, crypto, bank transfer, or wire transfer.
Other versions use the safe account trick. The scammer claims the victim’s money is at risk and must be moved to a secure account. There is no secure account. The money goes directly to criminals.
The scam may also involve gift cards. The fake support agent may say gift cards are required to verify the account, reverse the transaction, unlock the refund, or stop a pending charge. This is always a scam. No legitimate company uses gift cards to fix PayPal issues.
The PayPal $0.02 scam is also dangerous because it can lead to repeat targeting. If a victim calls the number, shares information, or sends money, scammers may contact them again. They may pretend to be a recovery department, bank fraud team, law enforcement officer, or refund specialist. These follow-up scams are designed to steal more money from someone who has already been manipulated once.
The most important thing to understand is this: the two cents are not the scammer’s goal. The two cents are bait.
The real goal is to make you call, click, install, log in, transfer, or reveal something valuable.
If you receive a PayPal $0.02 payment from someone you do not know, do not panic. Do not call any number included in the transaction note. Do not click links. Do not reply to the sender. Do not install remote access apps. Do not send money to cancel a charge.
Instead, log into PayPal directly through the official app or website. Review your account activity. Report the suspicious transaction to PayPal. Secure your account with a strong password and two-factor authentication.
How the PayPal $0.02 Scam Works
1. Scammers Send a Tiny PayPal Payment
The scam starts when fraudsters send a tiny payment, usually $0.02, to a PayPal user.
The sender may appear as a person, a fake business, a support-style name, or a company the victim does not recognize. In many cases, scammers change the sender names frequently to avoid easy detection.
The tiny amount is not random. It is designed to make the victim curious without feeling immediately threatened.
People often pay attention to unusual payments. A two-cents deposit can make someone wonder if their account is being tested, verified, or linked to an unauthorized service.
That curiosity leads them to open the transaction.
2. The Payment Note Delivers the Scam Message
The real scam usually appears in the transaction note.
The message may claim that:
A large payment is pending.
A Coinbase or crypto purchase is being processed.
A subscription renewal is about to happen.
A refund requires confirmation.
The account has suspicious activity.
The small deposit is for verification.
The victim must call support immediately.
A payment will be charged unless canceled.
The language is often urgent. The note may say “if you did not authorize this” or “contact customer care immediately.”
This turns a tiny deposit into an emotional trigger.
The victim may not care about the $0.02, but they may care deeply about a supposed $499, $799, or $987 pending charge.
3. A Fake Support Number Is Included
Many versions of the PayPal $0.02 scam include a phone number in the note. The number may be described as PayPal Support, PayPal Customer Care, Billing Department, Fraud Support, Coinbase Support, or Account Security.
The number is fake.
It connects to scammers who are waiting for worried victims to call.
This phone-based setup is powerful because it lets scammers adjust their script in real time. If the victim sounds confused, they explain. If the victim sounds scared, they increase urgency. If the victim asks questions, they provide fake answers.
Their goal is to sound official long enough to gain control.
4. The Fake Agent Confirms the False Problem
When the victim calls, the scammer may ask what happened. Once the victim mentions the $0.02 payment or transaction note, the scammer pretends to check the account.
Then they confirm the fake threat.
They may say:
“Yes, we see a pending charge.”
“Your PayPal account has been compromised.”
“A hacker has linked your account to Coinbase.”
“Your device is infected.”
“Someone is trying to withdraw funds.”
“We need to secure your account immediately.”
“Please stay on the line until the process is complete.”
This is a manipulation tactic. The scammer is validating the fear created by the transaction note.
5. The Scam Shifts to Device Security
After confirming the fake problem, the scammer often claims the issue is not only with PayPal. They may say the victim’s phone, computer, or network is infected.
This moves the scam into fake tech support territory.
The scammer may claim that malware caused the suspicious payment or that hackers are monitoring the victim’s device. They may say PayPal cannot secure the account until the device is checked.
This is false.
The purpose is to justify remote access.
6. The Victim Is Asked to Install Remote Access Software
The fake support agent may ask the victim to install software such as:
AnyDesk
TeamViewer
UltraViewer
Zoho Assist
RustDesk
LogMeIn
ScreenConnect
They may describe it as a secure PayPal tool, refund portal, cancellation system, or account protection app.
These tools are not scams by themselves. Real technicians use remote support software for legitimate reasons. But scammers abuse these tools to see and control the victim’s device.
Once installed, the scammer may ask for an access code. If the victim provides it, the scammer can connect.
7. The Victim Is Guided Into Sensitive Accounts
After remote access is active, the scammer may ask the victim to open PayPal, email, banking apps, credit card accounts, or crypto accounts.
They may claim this is needed to verify balances, reverse charges, confirm refunds, or protect money.
This is extremely risky.
The scammer may watch the victim type passwords, see account balances, view personal details, or capture verification codes. They may also use the victim’s own device to make activity look legitimate.
If the scammer can see your online banking screen, they can tailor the scam to the amount of money you have.
8. The Fake Refund Trick May Begin
In many cases, scammers pretend to process a refund.
They may say the suspicious charge has been canceled and a refund is being issued. Then they claim a mistake happened.
For example, they may say they meant to refund $10 but accidentally refunded $1,000. They may show a fake screen or manipulate what appears on the victim’s browser to make it look real.
Then they pressure the victim to send back the “extra” money.
The victim may be told to use:
Gift cards
Bank transfer
Wire transfer
Cryptocurrency
Payment apps
Cash deposit
There was no accidental refund. The money the victim sends goes to the scammers.
9. The Safe Account Scam May Be Used
Another common script is the safe account scam.
The fake agent claims the victim’s bank account is compromised and that money must be moved temporarily to a secure account. They may say PayPal, the bank, or the government will protect the funds.
This is false.
No legitimate PayPal agent will ask you to move money to a safe account. No real bank fraud department will tell you to hide transactions or send money to an unknown account.
10. Gift Card Requests Confirm the Scam
If the scammer asks for gift cards, the scam is confirmed.
They may claim gift cards are needed for verification, refund processing, fraud cancellation, or account protection. They may ask the victim to buy cards from Apple, Google Play, Target, Walmart, Steam, or other retailers.
Then they ask for the codes.
Once the codes are given, scammers can drain the value quickly.
No real PayPal support agent will ever ask for gift cards.
11. The Scammers Try to Keep the Victim Isolated
Scammers often tell victims not to hang up, not to call the bank, not to contact PayPal directly, and not to speak with family members.
They may say the case is confidential. They may claim the bank is compromised. They may warn that outside contact could interrupt the refund or allow the hacker to steal more money.
These are control tactics.
A legitimate support agent will not isolate you.
12. The Scam May Continue After the First Loss
If the victim sends money, scammers may ask for more. They may invent processing fees, security deposits, failed refund fees, taxes, or account unlock charges.
Later, another scammer may contact the victim pretending to recover the lost money.
This is recovery fraud.
Anyone who guarantees they can recover stolen money for an upfront fee should be treated as suspicious.
Common Versions of the PayPal $0.02 Scam
The scam can appear in several forms.
Fake Coinbase Pending Charge
The note claims a large Coinbase payment is pending through PayPal. This version uses fear around cryptocurrency and irreversible transactions.
Fake PayPal Customer Support
The note includes a fake PayPal support phone number and tells the recipient to call if they did not authorize the activity.
Fake Refund Confirmation
The message claims the $0.02 payment is part of a refund process. The scammer then uses a fake refund script to steal money.
Fake Account Verification
The note says the tiny deposit is for account verification, pre-fund confirmation, or security confirmation.
Fake Company Payment
The sender appears as a fake company, billing department, subscription service, or support office.
Suspicious Activity Warning
The message claims unusual activity was detected and instructs the victim to call immediately.
Although the wording changes, the structure is the same. A tiny deposit is used to deliver a scary message and push the victim toward fake support.
Red Flags of the PayPal $0.02 Scam
Watch for these warning signs:
You receive $0.02 from someone you do not know.
The sender name looks random, fake, or unfamiliar.
The payment note mentions a large pending charge.
The note includes a phone number.
The message says to call urgently.
The note mentions Coinbase, crypto, refunds, or suspicious activity.
The caller claims your device is hacked.
The caller asks you to install AnyDesk, TeamViewer, or similar software.
You are asked to log into your bank while on the phone.
You are told to buy gift cards.
You are told to send crypto or wire money.
You are told not to contact PayPal or your bank directly.
The caller says the case is secret or confidential.
The biggest red flag is any request for remote access, gift cards, banking logins, cryptocurrency, or secrecy.
What To Do If You Receive a PayPal $0.02 Payment
If you receive a suspicious two-cents PayPal payment, do not panic. Take these steps.
1. Do Not Call the Number in the Message
If the transaction note includes a phone number, ignore it. Do not call it, even if the message says the issue is urgent.
Use only official PayPal support channels.
2. Do Not Click Any Links
Do not click links in the payment note, email, text message, or any related notification.
Open PayPal manually through the official app or by typing the website address yourself.
3. Check Your PayPal Activity Directly
Log into PayPal and review your activity.
Look for:
Unknown outgoing payments
Pending charges
Linked cards
Linked bank accounts
Automatic payments
New addresses
Account changes
Security alerts
If there is no real outgoing charge, the message was likely a scare tactic.
4. Report the Suspicious Payment to PayPal
Use PayPal’s official Resolution Center or Help Center to report the transaction.
Include the sender name, amount, transaction ID, message text, phone number, and any other details.
5. Do Not Reply to the Sender
Do not message the sender. Do not ask who they are. Do not follow their instructions.
Replying may confirm that your account is active and that you are worried.
6. Do Not Refund Manually Without Checking
Do not send money back to the sender unless PayPal officially instructs you to do so.
A manual refund or separate payment may create more complications.
7. Secure Your PayPal Account
Change your password if anything looks suspicious. Enable two-factor authentication. Review your security settings and remove anything unfamiliar.
Also secure the email account connected to PayPal.
What To Do If You Called the Fake Support Number
If you called the number or interacted with the scammers, act quickly.
1. Hang Up Immediately
End the call. Do not argue, explain, or continue the conversation.
Scammers are trained to keep victims engaged.
2. Disconnect Your Device From the Internet
If you installed remote access software, disconnect from WiFi or mobile data. This helps stop an active remote connection.
3. Uninstall Remote Access Apps
Remove any software the caller told you to install, including AnyDesk, TeamViewer, UltraViewer, Zoho Assist, RustDesk, LogMeIn, or similar tools.
Restart your device afterward.
4. Change Passwords From a Clean Device
Use another trusted device to change passwords for important accounts.
Start with:
Email
PayPal
Online banking
Credit cards
Coinbase or crypto accounts
Password manager
Shopping accounts
Social media accounts
Use strong, unique passwords.
5. Contact Your Bank or Card Issuer
If you shared financial information, logged into banking, sent money, bought gift cards, or allowed the scammer to view your accounts, contact your bank immediately.
Ask them to check for unauthorized activity, block suspicious transactions, replace cards, and secure your account.
6. Report Gift Card Fraud
If you gave gift card codes to scammers, contact the gift card company immediately. Provide receipts and card numbers if you have them.
Ask if the funds can be frozen.
7. Scan Your Device
Run a full malware scan. Check installed apps, browser extensions, downloads, and recently changed settings.
If remote access was granted, consider having the device reviewed by a trusted technician.
8. Report the Scam
Report the scam to PayPal and to any company mentioned in the message, such as Coinbase.
If money was stolen, report it to your local police, consumer protection agency, cybercrime authority, or fraud reporting center.
Is Your Device Infected? Scan for Malware
If your computer or phone is slow, showing unwanted pop-ups, or acting strangely, malware could be the cause. Running a scan with Malwarebytes Anti-Malware Free is one of the most reliable ways to detect and remove harmful software. The free version can identify and clean common infections such as adware, browser hijackers, trojans, and other unwanted programs.
Malwarebytes works on Windows, Mac, and Android devices. Choose your operating system below and follow the steps to scan your device and remove any malware that might be slowing it down.
Malwarebytes for WindowsMalwarebytes for MacMalwarebytes for Android
Run a Malware Scan with Malwarebytes for Windows
Malwarebytes stands out as one of the leading and widely-used anti-malware solutions for Windows, and for good reason. It effectively eradicates various types of malware that other programs often overlook, all at no cost to you. When it comes to disinfecting an infected device, Malwarebytes has consistently been a free and indispensable tool in the battle against malware. We highly recommend it for maintaining a clean and secure system.
Download Malwarebytes
Download the latest version of Malwarebytes for Windows using the official link below. Malwarebytes will scan your computer and remove adware, browser hijackers, and other malicious software for free.
(The above link will open a new page from where you can download Malwarebytes)
Install Malwarebytes
After the download is complete, locate the MBSetup file, typically found in your Downloads folder. Double-click on the MBSetup file to begin the installation of Malwarebytes on your computer. If a User Account Control pop-up appears, click “Yes” to continue the Malwarebytes installation.
Follow the On-Screen Prompts to Install Malwarebytes
When the Malwarebytes installation begins, the setup wizard will guide you through the process.
You’ll first be prompted to choose the type of computer you’re installing the program on—select either “Personal Computer” or “Work Computer” as appropriate, then click on Next.
Malwarebytes will now begin the installation process on your device.
When the Malwarebytes installation is complete, the program will automatically open to the “Welcome to Malwarebytes” screen.
On the final screen, simply click on the Open Malwarebytes option to start the program.
Enable “Rootkit scanning”.
Malwarebytes Anti-Malware will now start, and you will see the main screen as shown below. To maximize Malwarebytes’ ability to detect malware and unwanted programs, we need to enable rootkit scanning. Click on the “Settings” gear icon located on the left of the screen to access the general settings section.
In the settings menu, enable the “Scan for rootkits” option by clicking the toggle switch until it turns blue.
Now that you have enabled rootkit scanning, click on the “Dashboard” button in the left pane to get back to the main screen.
Perform a Scan with Malwarebytes.
To start a scan, click the Scan button. Malwarebytes will automatically update its antivirus database and begin scanning your computer for malicious programs.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check the status of the scan to see when it is finished.
Quarantine detected malware
Once the Malwarebytes scan is complete, it will display a list of detected malware, adware, and potentially unwanted programs. To effectively remove these threats, click the “Quarantine” button.
Malwarebytes will now delete all of the files and registry keys and add them to the program’s quarantine.
Restart your computer.
When removing files, Malwarebytes may require a reboot to fully eliminate some threats. If you see a message indicating that a reboot is needed, please allow it. Once your computer has restarted and you are logged back in, you can continue with the remaining steps.
Once the scan completes, remove all detected threats. Your Windows computer should now be clean and running smoothly again, free of trojans, adware, and other malware.
If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future. If you are still having problems with your computer after completing these instructions, then please follow one of the steps:
Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Mac.
You can download Malwarebytes for Mac by clicking the link below.
When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.
When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.
Select “Personal Computer” or “Work Computer”.
The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
Click on “Scan”.
To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
Wait for the Malwarebytes scan to complete.
Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
After scanning, delete any detected threats. Your Mac should now be free from adware, unwanted extensions, and other potentially harmful software.
If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future. If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.
Run a Malware Scan with Malwarebytes for Android
Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.
Download Malwarebytes for Android.
You can download Malwarebytes for Android by clicking the link below.
In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.
When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process
When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options. This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue. Tap on “Got it” to proceed to the next step. Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue. Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android
You will now be prompted to update the Malwarebytes database and run a full system scan.
Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.
Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
When the scan is finished, remove all detected threats. Your Android phone should now be free of malicious apps, adware, and unwanted browser redirects.
If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future. If you are still having problems with your phone after completing these instructions, then please follow one of the steps:
Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
After cleaning your device, it’s important to protect it from future infections and annoying pop-ups. We recommend installing an ad blocker such as AdGuard. AdGuard blocks malicious ads, prevents phishing attempts, and stops dangerous redirects, helping you stay safe while browsing online.
How to Stay Safe From PayPal Two-Cents Scams
Protecting yourself comes down to a few strict rules.
Never trust contact details inside an unexpected payment note. Always go directly to PayPal yourself.
Never install remote access software because a caller says your PayPal account is at risk.
Never buy gift cards, send crypto, or transfer money to reverse a supposed PayPal charge.
Never log into your bank while a stranger is on the phone.
Never share one-time codes, passwords, or recovery information.
Use strong passwords, enable two-factor authentication, and keep your email account secure. Your email is especially important because it can be used to reset other accounts.
If something feels urgent, slow down. Scammers create urgency because calm verification defeats the scam.
FAQ
What is the PayPal $0.02 scam?
The PayPal $0.02 scam is a small-deposit scam where fraudsters send a tiny two-cents payment and attach a fake warning message. The message often claims there is a pending charge, suspicious activity, or a support issue.
Why did someone send me $0.02 on PayPal?
Scammers may send $0.02 to get your attention and make their fake warning appear inside your PayPal account activity. The payment is bait.
Is the $0.02 payment itself dangerous?
The payment itself usually does not give scammers access to your account. The danger comes if you call a fake number, click a link, share information, install remote access software, or send money.
Should I call the number in the PayPal note?
No. Do not call phone numbers included in suspicious PayPal transaction notes. Use PayPal’s official app or website to contact support.
Why does the message mention Coinbase or crypto?
Scammers mention Coinbase or cryptocurrency because people fear unauthorized crypto purchases may be hard to reverse. It is a pressure tactic.
Will PayPal ask me to install AnyDesk or TeamViewer?
No. PayPal will not ask you to install remote access software to cancel a payment, issue a refund, or secure your account.
What if I already gave the scammer remote access?
Disconnect from the internet, uninstall the remote access app, restart your device, run a security scan, and change important passwords from a clean device.
Should I refund the $0.02 payment?
Do not manually refund or interact with the sender without checking with PayPal. Report the suspicious transaction through official PayPal channels.
Can scammers steal my money through a one-cent payment?
Not directly from the payment alone. They steal money by tricking you into calling fake support, giving remote access, sharing credentials, buying gift cards, or transferring funds.
How do I report the PayPal $0.02 scam?
Log into PayPal directly through the official app or website and report the suspicious transaction through PayPal’s Help Center or Resolution Center. Also report any financial loss to your bank and local fraud authorities.
The Bottom Line
The PayPal $0.02 scam uses a tiny payment to make a fake warning look more believable. Scammers may use random names, fake companies, Coinbase references, refund messages, suspicious activity claims, and fake support numbers to pressure victims into acting quickly.
The one-cent payment is not the real danger. The real danger is the instruction attached to it.
If you receive a suspicious $0.02 PayPal payment, do not call the number, do not click links, do not install remote access software, and do not send money. Log into PayPal directly, report the transaction, and secure your account.
Real PayPal support will not ask for gift cards, remote access, banking logins, cryptocurrency transfers, or secrecy. Any caller who does is trying to scam you.
10 Rules to Avoid Online Scams
Here are 10 practical safety rules to help you avoid malware, online shopping scams, crypto scams, and other online fraud. Each tip includes a quick “if you already got hit” action.
Stop and verify before you click, log in, download, or pay.
Most scams win by creating urgency. Verify using a trusted method: type the website address yourself, use the official app, or call a known number (not the one in the message).
If you already clicked: close the page, do not enter passwords, and run a malware scan.
Keep your operating system, browser, and apps updated.
Updates patch security holes used by malware and malicious ads. Turn on automatic updates where possible.
If you saw a scary “update now” pop-up: close it and update only through your device settings or the official app store.
Use layered protection: antivirus plus an ad blocker.
Antivirus helps block malware. An ad blocker reduces scam redirects, phishing pages, and malvertising.
If your browser is acting weird: remove unknown extensions, reset the browser, then run a full scan.
Install apps, software, and extensions only from official sources.
Avoid cracked software, “keygens,” and random downloads. During installs, choose Custom/Advanced and decline bundled offers you do not recognize.
If you already installed something suspicious: uninstall it, restart, and scan again.
Treat links and attachments as untrusted by default.
Phishing often impersonates delivery services, banks, and popular brands. If it is unexpected, do not open attachments or log in through the message.
If you entered credentials: change the password immediately and enable 2FA.
Shop safely: research the store, then pay with protection.
Be cautious with brand-new stores, “closing sale” stories, and prices that make no sense. Prefer credit cards or PayPal for dispute options. Avoid wire transfers, gift cards, and crypto payments.
If you already paid: contact your card issuer or PayPal quickly to dispute the transaction.
Crypto rule: never pay a “fee” to withdraw or recover money.
Common patterns include fake profits, then “tax,” “gas,” or “verification” fees. Another is a “recovery agent” who demands upfront crypto.
If you already sent crypto: stop paying, save evidence (wallet addresses, TXIDs, chats), and report the scam to the platform used.
Secure your accounts with unique passwords and 2FA (start with email).
Use a password manager and unique passwords for every account. Enable 2FA using an authenticator app when possible.
If you suspect an account takeover: change passwords, sign out of all devices, and review recent logins and recovery settings.
Back up important files and keep one backup offline.
Backups protect you from ransomware and device failure. Keep at least one backup on an external drive that is not always connected.
If you suspect infection: do not connect backup drives until the system is clean.
If you think you are a victim: stop losses, document evidence, and escalate fast.
Move quickly. Speed matters for disputes, account recovery, and limiting damage.
Stop payments and contact: do not send more money or respond to the scammer.
Call your bank or card issuer: block transactions, replace the card if needed, and start a dispute or chargeback.
Secure your email first: change the email password, enable 2FA, and remove unfamiliar recovery options.
Secure other accounts: change passwords, enable 2FA, and log out of all sessions.
Scan your device: remove suspicious apps or extensions, then run a full malware scan.
Save evidence: screenshots, emails, order pages, tracking pages, wallet addresses, TXIDs, and chat logs.
Report it: to the payment provider, marketplace, social platform, exchange, or wallet service involved.
These rules are intentionally simple. Most online losses happen when decisions are rushed. Slow down, verify independently, and use payment methods and account controls that give you recourse.
Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.
