PayPal PHP Small Deposit Scam: The ₱0.01 Payment Trap Explained
Written by: Thomas Orsolya
Published on:
A tiny PayPal deposit can look harmless at first. It may be only ₱0.01 PHP, a fraction of a cent, and it may even appear to come with an urgent message about a recent payment, suspicious activity, or account protection.
But this small deposit can be the opening move in a dangerous PayPal support scam.
The PayPal PHP Small Deposit Scam uses real-looking payment notifications, tiny transaction amounts, and fake customer service phone numbers to push victims into calling a scam call center. Once the victim calls, the scam shifts from a payment alert into a full tech support fraud designed to steal money, personal information, banking access, and sometimes control of the victim’s device.
This article explains how the scam works, why the tiny deposit is used, what warning signs to look for, and what to do if you already called the number or gave the scammers access.
Scam Overview
The PayPal PHP Small Deposit Scam is a fake customer support and tech support scam built around a tiny PayPal-related transaction. In many reports, the amount is extremely small, such as ₱0.01 PHP. The message may claim that the victim’s PayPal account received a small deposit as part of a payout confirmation, account verification, refund process, or suspicious payment review.
The scam is designed to create confusion. Most people do not expect to receive a deposit that small. When they see an urgent message connected to PayPal, especially one that mentions account security or an unauthorized payment, they may feel pressured to act quickly.
That pressure is exactly what the scammers want.
The fake notice often includes language similar to:
“Urgent: Steps needed for your recent payment”
“Your account processed a payout by small deposit confirmation”
“If you did not authorize this, contact PayPal Customer Care immediately”
Then it provides a phone number.
That phone number is not PayPal.
It connects the victim to scammers pretending to be PayPal support, account security agents, refund specialists, or fraud prevention staff. Their goal is not to help. Their goal is to keep the victim on the phone long enough to manipulate them into giving up access, information, or money.
The scam is especially convincing because it mixes several elements that feel familiar:
A recognizable PayPal brand name
A tiny transaction amount
A fake urgent security warning
A “customer care” phone number
A message that appears to offer help
A claim that the account may be unsafe
A request to call immediately
The scammers know that PayPal users are trained to watch for unauthorized payments. They also know that many people panic when they see anything related to account security, refunds, bank connections, or payment processing.
The tiny ₱0.01 PHP amount is not random. It is used as bait.
A very small amount can bypass a victim’s usual skepticism because it does not look like a large theft. Instead of thinking, “Someone stole money from me,” the victim may think, “Why did PayPal send me this?” or “Is someone testing my account?” That uncertainty makes the fake support number more tempting.
The scam can appear in different forms. Some victims may receive an email. Others may see a small transaction note. Some may receive a payment notification that includes a message written by the sender. The details can vary, but the structure is usually the same.
A small deposit is used to deliver an alarming message. The message tells the victim to call a phone number. The number leads to fake support. The fake support agent then escalates the situation.
Once the victim calls, the scammer may claim that:
The victim’s PayPal account was hacked
A third-party wallet is connected to the account
A large payment is pending
A refund must be processed immediately
The victim’s phone or computer is infected
Their bank account is at risk
Their identity has been compromised
A hacker is watching their device
The account must be “secured” through remote access
This is where the scam becomes much more dangerous.
The scammer may ask the victim to install remote access software such as AnyDesk, TeamViewer, UltraViewer, Zoho Assist, or another screen-sharing tool. They may say this is required to cancel the payment, process a refund, remove malware, or secure the PayPal account.
In reality, remote access gives the scammers a window into the victim’s device. Depending on what permissions are granted, they may be able to see the screen, guide the victim into logging into banking sites, copy sensitive information, capture passwords, or pressure the victim into moving money.
A common tactic is the fake refund trick. The scammer may pretend to issue a refund, then claim that they accidentally refunded too much. They may show fake screens, manipulate numbers, or use browser tools to make it look like a refund error happened. Then they pressure the victim to “return” the extra money through gift cards, wire transfers, crypto, payment apps, or bank transfers.
Another common tactic is the fake account protection script. The scammer claims that criminals are trying to drain the victim’s bank account. Then they instruct the victim to transfer money to a “safe account,” buy gift cards for verification, or withdraw cash. There is no safe account. The money goes to the scammers.
The PayPal PHP Small Deposit Scam is not really about ₱0.01 PHP. The tiny deposit is just the hook. The real scam begins when the victim calls the number.
This fraud is dangerous because it uses the victim’s fear against them. It does not rely only on fake links or fake websites. It relies on live manipulation, phone pressure, and false authority.
The scammers often sound professional. They may use call center scripts. They may know basic PayPal terminology. They may place the victim on hold, transfer them to a “senior technician,” or claim to connect them with the “fraud department.” These details are meant to make the call feel official.
The scam also targets people who are careful. Many victims do not click suspicious links. They may ignore obvious phishing emails. But a tiny payment with a phone number feels different. It may look like the victim is calling to verify something rather than responding to a scam.
That is why this scam is so effective.
It turns caution into the next step of the fraud.
A real PayPal security issue should be checked only by logging into PayPal directly through the official app or website. You should never trust a phone number included in an unexpected payment note, email, text message, or transaction memo.
If there is a real account issue, it will appear inside your PayPal account when you log in safely. PayPal will not require you to install remote desktop software, buy gift cards, move money to a safe account, or reveal banking passwords over the phone.
The most important thing to understand is this: the deposit amount is not the scammer’s target. You are.
The small transaction is only a delivery method for the fake warning. The phone call is where the scammers try to take control.
How The Scam Works
The PayPal PHP Small Deposit Scam usually follows a clear pattern. The exact wording may change, but the fraud depends on the same psychological steps: surprise, urgency, fear, fake authority, remote access, and payment pressure.
Here is how the scam typically unfolds.
Step 1: The Scammer Sends a Tiny Deposit or Fake Payment Notice
The scam begins with a tiny amount connected to PayPal, often written as ₱0.01 PHP. This may appear as a small deposit, a payment notification, or an email styled to look like a PayPal message.
The point is not the amount. The point is to get your attention.
A deposit that small feels strange. It is too small to be a normal payment, but it is still specific enough to make the message seem real. The scammers use that confusion to make you read the attached note or email.
The message may claim the deposit is linked to:
A payout confirmation
Account activation
A recent payment
A third-party wallet
Suspicious activity
A refund process
PayPal account verification
An unauthorized transaction
This gives the scam a believable starting point. The victim is not told, “You lost $500.” Instead, they are shown a tiny transaction and told something may be wrong.
That feels more subtle, which makes it more dangerous.
Step 2: The Message Creates Urgency
After the tiny deposit catches your attention, the scam message pushes urgency.
It may say that immediate steps are needed. It may warn that your account was used without permission. It may claim a larger amount will be processed soon unless you call customer care.
The wording is usually designed to make you feel that waiting could make things worse.
Common phrases may include:
“Urgent”
“Immediate action required”
“If you did not authorize this”
“Contact customer care immediately”
“Secure your account”
“Request a refund”
“Suspicious activity detected”
“Your account has been activated successfully”
These phrases are not accidental. They are written to interrupt calm thinking.
When people feel rushed, they are more likely to call the number without checking whether it is real. Scammers know this, so they try to make the message feel time-sensitive.
Step 3: The Fake PayPal Number Becomes the Trap
The scam message includes a phone number and presents it as PayPal Customer Care, PayPal Support, PayPal Security, or PayPal Billing.
This is the main trap.
The number does not connect to PayPal. It connects to a scam call center or an individual fraudster pretending to work for PayPal.
The scammer may answer with a professional greeting. They may ask for your name, email address, phone number, or PayPal account details. They may tell you they need to “verify” your identity before discussing the transaction.
At this point, the scammer is gathering information and building trust.
They may already know what message you received because they sent it. That allows them to sound prepared. If you mention the tiny ₱0.01 PHP deposit, they can immediately respond with a scripted explanation.
They may say something like:
“Yes, we see suspicious activity on your account.”
“Your account has been linked to a third-party wallet.”
“There is a pending payment that needs to be canceled.”
“A hacker is trying to access your PayPal.”
“We need to secure your device before the refund can be processed.”
The goal is to make you believe the threat is real and that they are the only ones who can fix it.
Step 4: The Scammer Claims Your Device Is Hacked or Infected
Once you are on the phone, the scam often shifts away from the tiny deposit and toward your device.
The fake support agent may claim that your PayPal issue was caused by malware, hackers, a compromised network, or unauthorized access from another location. This is a classic tech support scam tactic.
They may say your phone or computer is infected. They may claim that someone is watching your screen. They may tell you that your bank accounts are exposed.
This part is designed to frighten you into following instructions.
The scammer may speak quickly, use technical terms, and make the problem sound serious. They may say that closing the call could leave your account vulnerable. They may warn you not to open other apps or speak to anyone else.
That isolation is important. Scammers do not want you to pause, verify, or ask someone you trust.
Step 5: They Ask You to Install Remote Access Software
Next, the fake PayPal agent may ask you to install a remote access app. They may present it as a security tool, refund tool, verification tool, or PayPal support screen-sharing app.
They may mention software like:
AnyDesk
TeamViewer
UltraViewer
Zoho Assist
RustDesk
ScreenConnect
LogMeIn
Other remote support tools
These tools are legitimate when used properly by real IT professionals. But scammers abuse them to gain visibility and control.
They may say they need remote access to:
Cancel the suspicious payment
Process the refund
Remove hackers
Verify the device
Secure the PayPal account
Check whether your bank is safe
Confirm your identity
You should treat this as a major red flag.
PayPal will not ask you to install AnyDesk or similar software to fix a payment issue. A real payment dispute can be handled inside your PayPal account, through official support channels, or through your bank if needed.
Once scammers have remote access, they may be able to see anything you type. They may watch you log into email, PayPal, banking apps, or password managers. They may ask you to disable security warnings. They may tell you to ignore pop-ups from your bank or antivirus.
They may also blank your screen or ask you not to touch your keyboard while they “work.” During that time, they may be looking for sensitive data.
Step 6: They Push You Toward Your Bank Account
After gaining your trust, the scammer may ask you to log into your bank account. They may claim this is necessary to confirm whether money was stolen, process a refund, or protect your funds.
This is extremely dangerous.
If you log into online banking while a scammer has remote access, they may see your account balances, transaction history, account numbers, and other sensitive information. They may pressure you to move money. They may claim that one of your accounts is compromised.
They may also use the information they see to tailor the scam. For example, if they see you have a certain balance, they may invent a fake emergency that matches the amount they want to steal.
Common lies include:
“Your checking account has been compromised.”
“We need to move your money to a secure holding account.”
“Do not tell the bank because the hacker may be inside the system.”
“This is a temporary transfer for account protection.”
“You will receive the money back after verification.”
“Your refund failed and must be corrected manually.”
These statements are false.
No legitimate PayPal support agent will ask you to log into your bank while they watch through remote access.
Step 7: The Fake Refund Trick Begins
One of the most common versions of this scam is the fake refund trick.
The scammer may pretend to refund a payment connected to the tiny deposit. Then they claim something went wrong.
They may say they meant to refund $10 but accidentally sent $1,000. Or they may say a refund was processed twice. They may use fake screens, edited forms, or simple browser manipulation to make it look like extra money appeared in your account.
Then they act panicked.
They may say they will lose their job unless you return the extra money. They may beg, pressure, or threaten you. They may tell you the refund error must be fixed immediately.
This emotional manipulation is deliberate. They want you to feel responsible for a mistake that never happened.
They may ask you to “return” the money through:
Gift cards
Cryptocurrency
Wire transfer
Payment apps
Bank transfer
Cash deposit
Money transfer services
Gift cards are especially common because they are fast and hard to reverse. The scammer may ask you to buy Apple, Google Play, Target, Walmart, Steam, or other gift cards, then read the codes over the phone.
Once the codes are shared, the money is usually gone.
Step 8: They May Ask for Gift Cards as “Verification”
In some cases, the scammer does not use the fake refund story. Instead, they claim gift cards are needed for account verification, security deposits, fraud reversal, or refund authorization.
This is always a scam.
No legitimate company uses gift cards to verify PayPal payments, unlock refunds, secure accounts, or remove hackers.
Gift card requests are one of the clearest signs that the caller is a scammer.
The scammer may tell you:
“Do not tell the cashier why you are buying the cards.”
“Say they are for personal use.”
“Stay on the phone while you buy them.”
“Send photos of the cards.”
“Read the numbers carefully.”
“Do not hang up until the process is complete.”
These instructions are meant to prevent store employees, family members, or bank staff from warning you.
Step 9: They Try to Keep You Isolated
Scammers do not want you to slow down. They may keep you on the phone for hours. They may tell you not to contact PayPal directly, not to call your bank, and not to discuss the issue with anyone.
They may say the case is confidential. They may claim there is an active investigation. They may warn that talking to others could block the refund.
These are control tactics.
A real support agent will not forbid you from contacting your bank, checking the official PayPal app, or speaking with a family member. Scammers do this because outside advice can break the spell.
Step 10: The Scam Continues Until the Victim Stops Responding
If the victim pays once, the scammers may continue.
They may claim the first payment failed. They may say more money is needed to unlock the refund. They may invent taxes, security fees, reversal fees, bank hold fees, or verification charges.
They may also call back from new numbers, pretending to be PayPal, the bank, law enforcement, or a recovery department.
Some victims are targeted again after the first scam. This is called recovery fraud. The scammer, or another scammer using the victim’s information, claims they can recover the stolen money for a fee.
That is also a scam.
Once you realize what happened, stop communicating with the scammers immediately and focus on securing your accounts.
Warning Signs of the PayPal PHP Small Deposit Scam
This scam has several red flags. One warning sign is enough to be cautious. Several together mean you should stop immediately.
The Deposit Is Tiny and Unexpected
A random ₱0.01 PHP payment or small deposit connected to an urgent message should be treated with suspicion, especially if it tells you to call a phone number.
The Message Includes a Phone Number
Scammers often use transaction notes, emails, or fake invoices to push victims toward a phone call. Do not trust phone numbers included in unexpected PayPal messages.
The Message Uses Urgent Language
Words like “urgent,” “immediately,” “secure your account,” or “unauthorized activity” are used to create panic.
The Caller Asks for Remote Access
This is one of the biggest red flags. PayPal does not need remote control of your device to cancel a payment or review your account.
The Caller Mentions Hackers or Malware
Fake PayPal support agents often turn the conversation into a fake tech support emergency. They may claim your device is infected, hacked, or being monitored.
They Ask You to Log Into Your Bank
Never log into online banking while someone on the phone is watching your screen or guiding your actions.
They Ask for Gift Cards
Any request for gift cards, gift card codes, crypto, wire transfers, or a “safe account” is a scam.
They Tell You Not to Contact PayPal or Your Bank
Real companies do not isolate customers. Scammers do.
What To Do If You Have Fallen Victim to This Scam
If you called the fake PayPal number, installed remote access software, shared information, logged into accounts, or sent money, act quickly. Do not panic, but do move step by step.
1. End Contact With the Scammers Immediately
Hang up the call. Do not answer follow-up calls. Do not reply to texts or emails from the scammers.
They may call back using different numbers. They may pretend to be PayPal, your bank, a refund department, or law enforcement. Do not engage.
If they already scared you once, they may try again.
2. Disconnect Your Device From the Internet
If you installed AnyDesk, TeamViewer, UltraViewer, or another remote access tool, disconnect your device from WiFi or unplug the internet connection.
This helps stop any active remote session.
On a phone, turn off WiFi and mobile data. On a computer, disconnect from the network.
3. Remove Remote Access Software
Uninstall any remote access programs the scammer asked you to install.
Look for names such as AnyDesk, TeamViewer, UltraViewer, Zoho Assist, RustDesk, LogMeIn, ScreenConnect, or any app you do not recognize.
After uninstalling, restart the device.
If you are not comfortable doing this yourself, ask a trusted local technician to help. Make sure it is someone you choose, not someone recommended by the caller.
4. Change Your PayPal Password
From a clean device, go directly to the official PayPal website or open the official PayPal app. Do not use links from the suspicious message.
Change your password immediately.
Use a strong, unique password that you do not use anywhere else.
Also check:
Recent activity
Linked bank accounts
Linked cards
Automatic payments
Account settings
Email addresses
Phone numbers
Security questions
Active logins
Remove anything suspicious.
5. Enable Two-Factor Authentication
Turn on two-factor authentication for PayPal if you have not already.
This adds an extra layer of protection so a password alone is not enough to access your account.
Use an authenticator app when possible. SMS is better than nothing, but authenticator apps are generally safer.
6. Contact PayPal Through Official Channels
Report the incident to PayPal directly through the official app or website.
Do not call the number from the suspicious message.
Explain that you received a tiny deposit or payment note with a fake support number and that you may have interacted with scammers.
Ask PayPal to review your account for unauthorized activity.
7. Contact Your Bank or Card Issuer
If you logged into your bank account during the call, shared banking information, sent money, bought gift cards, or allowed remote access while banking details were visible, contact your bank immediately.
Tell them you were targeted by a PayPal impersonation and remote access scam.
Ask them to:
Review recent transactions
Block suspicious transfers
Replace compromised cards if needed
Add extra security to your account
Watch for unusual activity
Help dispute unauthorized charges
Freeze online access temporarily if needed
Speed matters. Some payments can be stopped if reported quickly.
8. Report Gift Card Fraud Immediately
If you bought gift cards and gave the codes to scammers, contact the gift card issuer right away.
Have the receipt and card numbers ready.
Tell them the cards were used in a scam. Ask if the funds can be frozen.
Recovery is not guaranteed, but fast action gives you the best chance.
9. Scan Your Device for Malware
Run a full security scan using reputable security software. If the scammer had remote access, assume the device may be compromised until checked.
Also review installed programs, browser extensions, startup items, and recently downloaded files.
If sensitive accounts were accessed from the device, consider getting professional help or performing a full reset after backing up important files.
10. Change Passwords for Important Accounts
Change passwords for any accounts you opened or typed into while the scammer had remote access.
Prioritize:
Email accounts
PayPal
Online banking
Credit card accounts
Shopping accounts
Password manager
Social media accounts
Cloud storage accounts
Use unique passwords for each account. A password manager can help, but make sure it is secured with a strong master password and two-factor authentication.
11. Check Your Email for Forwarding Rules
Scammers sometimes create hidden email forwarding rules so they can receive copies of your messages.
Check your email settings for:
Forwarding addresses
Filters
Rules
Recovery emails
Recovery phone numbers
Connected apps
Recent login activity
Remove anything you do not recognize.
12. Watch for Follow-Up Scams
After one scam attempt, you may receive more. Scammers may try to contact you again and claim they can recover your money.
Be careful with anyone who says they can get your funds back for an upfront fee. Recovery scammers often target people who have already been victimized.
Do not trust random callers, social media accounts, Telegram users, WhatsApp contacts, or “ethical hackers” claiming guaranteed recovery.
13. Report the Scam
Report the scam to the appropriate authorities in your country. If you are in the United States, you can report scams to the FTC and Internet Crime Complaint Center. In other countries, report to your national cybercrime authority, consumer protection agency, or local police.
Also report the fake phone number and suspicious message to PayPal.
The report may not instantly recover money, but it helps investigators track patterns and warn others.
14. Tell Someone You Trust
Scams are designed to create shame, but there is no reason to handle this alone. These operations are professional manipulation schemes, not simple mistakes.
Tell a trusted family member, friend, or colleague what happened. They can help you stay calm, check accounts, and avoid follow-up scams.
How to Safely Check a Suspicious PayPal Deposit
If you receive a tiny deposit or strange PayPal message, do not use the contact details inside the message.
Instead:
Open your browser manually.
Type PayPal’s official website address yourself.
Log in from the official site or app.
Check your account activity.
Use PayPal’s official Help Center if needed.
Contact your bank directly using the number on the back of your card if banking details may be involved.
Do not click links from the message. Do not call numbers from the message. Do not install apps at the request of a caller.
If the issue is real, you will be able to see it through official account channels.
Is Your Device Infected? Scan for Malware
If your computer or phone is slow, showing unwanted pop-ups, or acting strangely, malware could be the cause. Running a scan with Malwarebytes Anti-Malware Free is one of the most reliable ways to detect and remove harmful software. The free version can identify and clean common infections such as adware, browser hijackers, trojans, and other unwanted programs.
Malwarebytes works on Windows, Mac, and Android devices. Choose your operating system below and follow the steps to scan your device and remove any malware that might be slowing it down.
Malwarebytes for WindowsMalwarebytes for MacMalwarebytes for Android
Run a Malware Scan with Malwarebytes for Windows
Malwarebytes stands out as one of the leading and widely-used anti-malware solutions for Windows, and for good reason. It effectively eradicates various types of malware that other programs often overlook, all at no cost to you. When it comes to disinfecting an infected device, Malwarebytes has consistently been a free and indispensable tool in the battle against malware. We highly recommend it for maintaining a clean and secure system.
Download Malwarebytes
Download the latest version of Malwarebytes for Windows using the official link below. Malwarebytes will scan your computer and remove adware, browser hijackers, and other malicious software for free.
(The above link will open a new page from where you can download Malwarebytes)
Install Malwarebytes
After the download is complete, locate the MBSetup file, typically found in your Downloads folder. Double-click on the MBSetup file to begin the installation of Malwarebytes on your computer. If a User Account Control pop-up appears, click “Yes” to continue the Malwarebytes installation.
Follow the On-Screen Prompts to Install Malwarebytes
When the Malwarebytes installation begins, the setup wizard will guide you through the process.
You’ll first be prompted to choose the type of computer you’re installing the program on—select either “Personal Computer” or “Work Computer” as appropriate, then click on Next.
Malwarebytes will now begin the installation process on your device.
When the Malwarebytes installation is complete, the program will automatically open to the “Welcome to Malwarebytes” screen.
On the final screen, simply click on the Open Malwarebytes option to start the program.
Enable “Rootkit scanning”.
Malwarebytes Anti-Malware will now start, and you will see the main screen as shown below. To maximize Malwarebytes’ ability to detect malware and unwanted programs, we need to enable rootkit scanning. Click on the “Settings” gear icon located on the left of the screen to access the general settings section.
In the settings menu, enable the “Scan for rootkits” option by clicking the toggle switch until it turns blue.
Now that you have enabled rootkit scanning, click on the “Dashboard” button in the left pane to get back to the main screen.
Perform a Scan with Malwarebytes.
To start a scan, click the Scan button. Malwarebytes will automatically update its antivirus database and begin scanning your computer for malicious programs.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check the status of the scan to see when it is finished.
Quarantine detected malware
Once the Malwarebytes scan is complete, it will display a list of detected malware, adware, and potentially unwanted programs. To effectively remove these threats, click the “Quarantine” button.
Malwarebytes will now delete all of the files and registry keys and add them to the program’s quarantine.
Restart your computer.
When removing files, Malwarebytes may require a reboot to fully eliminate some threats. If you see a message indicating that a reboot is needed, please allow it. Once your computer has restarted and you are logged back in, you can continue with the remaining steps.
Once the scan completes, remove all detected threats. Your Windows computer should now be clean and running smoothly again, free of trojans, adware, and other malware.
If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future. If you are still having problems with your computer after completing these instructions, then please follow one of the steps:
Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Mac.
You can download Malwarebytes for Mac by clicking the link below.
When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.
When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.
Select “Personal Computer” or “Work Computer”.
The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
Click on “Scan”.
To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
Wait for the Malwarebytes scan to complete.
Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
After scanning, delete any detected threats. Your Mac should now be free from adware, unwanted extensions, and other potentially harmful software.
If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future. If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.
Run a Malware Scan with Malwarebytes for Android
Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.
Download Malwarebytes for Android.
You can download Malwarebytes for Android by clicking the link below.
In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.
When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process
When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options. This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue. Tap on “Got it” to proceed to the next step. Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue. Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android
You will now be prompted to update the Malwarebytes database and run a full system scan.
Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.
Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
When the scan is finished, remove all detected threats. Your Android phone should now be free of malicious apps, adware, and unwanted browser redirects.
If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future. If you are still having problems with your phone after completing these instructions, then please follow one of the steps:
Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
After cleaning your device, it’s important to protect it from future infections and annoying pop-ups. We recommend installing an ad blocker such as AdGuard. AdGuard blocks malicious ads, prevents phishing attempts, and stops dangerous redirects, helping you stay safe while browsing online.
The Bottom Line
The PayPal PHP Small Deposit Scam is not about a tiny ₱0.01 PHP payment. The small deposit is bait used to make you notice an urgent message and call a fake support number.
Once you call, scammers may pretend to be PayPal agents, claim your account or device is hacked, ask you to install remote access software, push you into your bank account, or pressure you to buy gift cards. The goal is to steal money and sensitive information.
If you receive this kind of message, do not call the number provided. Log into PayPal directly through the official app or website and check your account from there.
If you already called, installed remote access software, shared information, or sent money, act quickly. Disconnect the device, remove remote access tools, change passwords, contact PayPal and your bank, and report the scam.
A real PayPal issue can be handled through official PayPal channels. A caller who asks for remote access, gift cards, banking logins, or secrecy is not protecting your account. They are trying to steal from you.
FAQ
Is the PayPal PHP small deposit real?
The tiny deposit may be real, but the message attached to it is the scam. Scammers can send a very small amount, such as ₱0.01 PHP, and use the transaction note to include a fake warning and a fake PayPal support number.
Is the phone number in the PayPal deposit message really PayPal?
No. The phone number shown in these messages is typically a scam number. It connects victims to fake support agents, not PayPal.
Why would scammers send only ₱0.01 PHP?
The tiny amount is bait. It makes the transaction look unusual enough to get your attention, while the attached note pushes you to call the fake support number.
What happens if I call the number?
You may reach scammers pretending to be PayPal support. They may claim your account is hacked, ask you to install remote access software like AnyDesk, tell you to log into your bank, or pressure you to buy gift cards.
Will PayPal ask me to install AnyDesk or TeamViewer?
No. PayPal will not ask you to install remote access software to fix a payment issue, process a refund, or secure your account.
What should I do if I received the deposit but did not call?
Do not call the number in the message. Log into PayPal directly through the official app or website, check your account activity, and report the suspicious transaction or message to PayPal.
What should I do if I already called the scammers?
Hang up, stop all contact, uninstall any remote access software they asked you to install, change your PayPal and email passwords from a clean device, enable two-factor authentication, and contact PayPal through official channels.
What if I gave them remote access to my device?
Disconnect from the internet, remove the remote access app, run a full security scan, change important passwords from a different clean device, and contact your bank if you opened any financial accounts during the call.
What if I bought gift cards and gave them the codes?
Contact the gift card company immediately with your receipt and card details. Ask if the funds can be frozen. Then report the scam to PayPal, your bank if payment cards were used, and your local fraud reporting agency.
Can I get my money back?
It depends on how the money was sent and how quickly you report it. Bank and card payments may sometimes be disputed. Gift cards, wire transfers, and crypto are much harder to recover, but you should still report them immediately.
10 Rules to Avoid Online Scams
Here are 10 practical safety rules to help you avoid malware, online shopping scams, crypto scams, and other online fraud. Each tip includes a quick “if you already got hit” action.
Stop and verify before you click, log in, download, or pay.
Most scams win by creating urgency. Verify using a trusted method: type the website address yourself, use the official app, or call a known number (not the one in the message).
If you already clicked: close the page, do not enter passwords, and run a malware scan.
Keep your operating system, browser, and apps updated.
Updates patch security holes used by malware and malicious ads. Turn on automatic updates where possible.
If you saw a scary “update now” pop-up: close it and update only through your device settings or the official app store.
Use layered protection: antivirus plus an ad blocker.
Antivirus helps block malware. An ad blocker reduces scam redirects, phishing pages, and malvertising.
If your browser is acting weird: remove unknown extensions, reset the browser, then run a full scan.
Install apps, software, and extensions only from official sources.
Avoid cracked software, “keygens,” and random downloads. During installs, choose Custom/Advanced and decline bundled offers you do not recognize.
If you already installed something suspicious: uninstall it, restart, and scan again.
Treat links and attachments as untrusted by default.
Phishing often impersonates delivery services, banks, and popular brands. If it is unexpected, do not open attachments or log in through the message.
If you entered credentials: change the password immediately and enable 2FA.
Shop safely: research the store, then pay with protection.
Be cautious with brand-new stores, “closing sale” stories, and prices that make no sense. Prefer credit cards or PayPal for dispute options. Avoid wire transfers, gift cards, and crypto payments.
If you already paid: contact your card issuer or PayPal quickly to dispute the transaction.
Crypto rule: never pay a “fee” to withdraw or recover money.
Common patterns include fake profits, then “tax,” “gas,” or “verification” fees. Another is a “recovery agent” who demands upfront crypto.
If you already sent crypto: stop paying, save evidence (wallet addresses, TXIDs, chats), and report the scam to the platform used.
Secure your accounts with unique passwords and 2FA (start with email).
Use a password manager and unique passwords for every account. Enable 2FA using an authenticator app when possible.
If you suspect an account takeover: change passwords, sign out of all devices, and review recent logins and recovery settings.
Back up important files and keep one backup offline.
Backups protect you from ransomware and device failure. Keep at least one backup on an external drive that is not always connected.
If you suspect infection: do not connect backup drives until the system is clean.
If you think you are a victim: stop losses, document evidence, and escalate fast.
Move quickly. Speed matters for disputes, account recovery, and limiting damage.
Stop payments and contact: do not send more money or respond to the scammer.
Call your bank or card issuer: block transactions, replace the card if needed, and start a dispute or chargeback.
Secure your email first: change the email password, enable 2FA, and remove unfamiliar recovery options.
Secure other accounts: change passwords, enable 2FA, and log out of all sessions.
Scan your device: remove suspicious apps or extensions, then run a full malware scan.
Save evidence: screenshots, emails, order pages, tracking pages, wallet addresses, TXIDs, and chat logs.
Report it: to the payment provider, marketplace, social platform, exchange, or wallet service involved.
These rules are intentionally simple. Most online losses happen when decisions are rushed. Slow down, verify independently, and use payment methods and account controls that give you recourse.
Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.
