Beware the PayPal “Unauthorized Transaction” Fake Invoices Scam

The PayPal Unauthorized Transaction scam is a dangerous fraud that uses phishing emails or text messages pretending to be from PayPal. The messages claim suspicious or fraudulent charges were made on your PayPal account for expensive products or subscription services. Victims are instructed to call a “support” number to dispute the charges, but the number actually routes to skilled scammers ready to steal your money through deception and manipulation.

This scam is often a gateway to tech support scams that involve the criminals gaining remote access to your device under the pretense of helping refund the unauthorized transactions. From there, victims ultimately get tricked into willingly sending large sums of money to the scammers.

By learning how to detect these fraudulent messages and understanding the manipulative tricks used by the scammers, you can avoid getting swindled by this scam. This article provides a detailed overview of how the PayPal Unauthorized Transaction scam works, what to do if you fell victim, and the key red flags to watch out for.

Overview of the PayPal Unauthorized Transaction Scam

This scam begins when potential victims receive an email, text message, or phone call pretending to be from PayPal. The message looks at first glance like an official alert from PayPal informing you of suspicious activity on your account.

The notice states that an expensive charge or subscription fee from a well-known company such as McAfee, Norton, or Apple was made without authorization through your PayPal account. The amounts range from several hundred to over a thousand dollars.

The message expresses urgency to call a phone number or click a link to dispute the charge and request a refund. However, the phone number and links actually route to criminals impersonating PayPal support agents.

If you call the number, scammers will say they see the unauthorized transaction and offer to guide you through the refund process. This is a ploy to gain your trust and make you think they are helping you.

The scammers then shift to a tech support scam by falsely claiming your computer is corrupted, needing remote access to “diagnose” the issue. With access, they trick victims into believing they accidentally sent money and must pay the scammer to “reverse” the transfer.

Breakdown of the Scam Messages

Here are key details the scam emails, calls, and texts use to fool you:

  • Spoofed sender information disguising the scammers as PayPal
  • Subjects about unauthorized payments made through your PayPal account
  • Message formatted like an official alert from PayPal
  • Claims of an unauthorized charge or subscription for McAfee, Norton, etc.
  • Fake PayPal invoice images showing charges for $400+
  • Phony case numbers making the notice seem credible
  • Urgency to call a number to dispute the charges immediately
  • Malicious phone numbers and links that actually connect to scammers

This extremely deceptive scam combines convincing message formatting with phony claims of suspicious activity on your account. But the urgent call to action gives it away as a scam attempt aiming to steal your personal information and money.

How the PayPal Unauthorized Transaction Scam Works Step-by-Step

Here is a step-by-step overview of how scammers leverage this scam to ultimately steal money from victims:

Step 1: Victims Receive Fraudulent Messages

First, victims receive an unsolicited email, text, or phone call pretending to be from PayPal. The message uses spoofing techniques and official formatting to appear real.

It claims an expensive charge or subscription from major retailers was made through your PayPal account without consent. The notice seems credible and concerning.

Step 2: Victims Call the Scam Call Center Number

The fake alert urges potential victims to call a phone number to dispute the unauthorized transaction and request a refund. But the number actually routes to a scam call center.

If victims call, criminals pretending to be PayPal agents answer. They claim to look up the account and see the questionable charge. This helps gain the victim’s trust initially.

Step 3: Scammers Gain Remote Access to Victims’ Devices

The fake agent says the victim must allow remote access to their device so PayPal can process the refund request and investigate the unauthorized payment.

The criminals get victims to download remote access software or use built-in tools. The victims are deceived into willingly allowing the scammers to control their computer.

Step 4: Scammers Manipulate Victims’ Screens

Now able to control what victims see on their screens, the scammers pretend to process refunds while actually hacking into accounts. They also fabricate fake error messages and infections.

This tricks victims into thinking their devices are corrupted and that only the scammers posing as PayPal agents can fix the issue.

Step 5: Scammers Use Website Manipulation to Fake Transfers

The criminals then open victims’ real bank websites and alter the HTML code to make it appear as if large sums were accidentally sent to the scammers.

For example, they add a fake wire transfer matching the scam call center name. Victims now think all their money was mistakenly wired.

Step 6: Victims Send Money to Scammers

Convinced by the altered bank website that they wired funds to the criminals, victims scramble to reverse the “accidental” transfer.

The scammers demand money via wire transfers, gift cards, cryptocurrency payments, etc. to access the non-existent refund account. Victims readily send funds, not realizing it’s all an elaborate scam.

Once the scammers receive the money, they disable the remote access and disappear – along with the victim’s stolen funds.

How to Identify the Scam Emails and Text Messages

It’s important to know how to recognize the phishing emails and texts used to lure victims into this scam. Here are tips to spot the warning signs:

Inspect the Sender’s Email Address and Name

Carefully check that the email address appears exactly as “service@paypal.com” or another official PayPal domain. Scammers often use slight misspellings or extra characters.

Also ensure the sender name matches “PayPal” or a verified PayPal entity. Hover over links to check where they really lead.

Verify the PayPal Logos and Branding

Examine the logo and overall branding in the email or text. Fraudsters often use low-quality versions of logos. Make sure fonts, colors, and images match PayPal’s professional branding.

Watch for Poor Grammar and Spelling

Phishing scams often contain typos, grammatical errors, and other writing mistakes. The texts may read unprofessionally compared to PayPal’s legitimate customer service messages.

Scrutinize the Message Formatting

While scammers try to mimic PayPal’s formatting, subtle details like font choices and text placement may differ from real messages. Compare to verified emails from PayPal to detect discrepancies.

Check the Urgency Level

Scams create false urgency to get victims to act fast without thinking. Phrases like “urgent action required” or “call immediately” indicate a likely scam attempt. PayPal provides time to resolve issues.

Look for Strange Attachments

Do not open attachments in unsolicited emails, as they can release malware. PayPal does not send emails with random attachments you need to open.

Verify the Claims Elsewhere

Don’t trust the email or text alone. Log in directly to your PayPal account to check recent activity for any unauthorized transactions before believing the messages.

With close inspection and awareness of common phishing techniques, you can hopefully identify scam PayPal emails and texts before being deceived. Reach out directly to PayPal if you have any uncertainties.
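
The sender, urgency, phone-number and link checks from this section, sketched in Python as an added example (not part of the original article and not a PayPal tool). The flag names, the phone-number pattern and the sample message are assumptions made up for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

OFFICIAL_DOMAIN = "paypal.com"  # from the article's "service@paypal.com"
URGENCY = ("urgent action required", "call immediately")  # phrases the article quotes
PHONE_RE = re.compile(r"(?:\+?1[\s.-]?)?\(?\d{3}\)?[\s.-]?\d{3}[\s.-]?\d{4}")
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

# Constructed sample message; every name, number and domain in it is made up.
SAMPLE = '''From: "PayPal Support" <service@paypa1-billing.example>
To: user@example.org
Subject: Unauthorized payment of $499.99

Your account was charged $499.99 for a Norton subscription.
Urgent action required: call immediately at +1 (555) 010-0199
or dispute at http://paypal.com.refund-desk.example/case
'''

def is_official(host):
    """Exact domain or a true subdomain; 'paypal.com.evil.example' fails."""
    host = (host or "").lower().rstrip(".")
    return host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN)

def red_flags(raw_message):
    """Return the article's warning signs found in one raw email."""
    msg = message_from_string(raw_message)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2]
    body = "\n".join(
        (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
        for part in msg.walk() if part.get_content_maintype() == "text")
    flags = []
    if not is_official(domain):
        flags.append("sender-domain")
        # Brand name in the display name or a lookalike domain, wrong real domain.
        if "paypal" in (name + domain).lower():
            flags.append("brand-impersonation")
    if any(phrase in body.lower() for phrase in URGENCY):
        flags.append("urgency")
    if PHONE_RE.search(body):
        flags.append("phone-number-in-body")
    if any(not is_official(urlparse(u).hostname) for u in URL_RE.findall(body)):
        flags.append("off-domain-link")
    return flags  # an empty list is not proof: From headers can be faked

if __name__ == "__main__":
    print(red_flags(SAMPLE))
```

The suffix check in `is_official` is what catches links that merely begin with the real domain, such as the `paypal.com.refund-desk.example` host in the constructed sample.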

What To Do If You Already Fell Victim to This Scam

If you already got scammed, stay calm and take these steps immediately:

Step 1: Contact Your Bank

Phone your bank and explain that you fell victim to a scam and authorized payments. Ask them to stop any transfers not yet processed.

Dispute fraudulent charges by filing a fraud claim. And consider freezing your account to prevent more money from being stolen.

Step 2: Notify Gift Card Companies

If you revealed gift card numbers, call the merchant and request they immediately deactivate the cards before the criminals can redeem them. Every second counts.

Step 3: Report the Scam to Authorities

Report the scam to the FTC, FBI IC3, state attorney general, and local police so they can investigate the criminals. The more victims who report, the better.

Step 4: Contact Companies Impersonated

Notify PayPal, Apple, Norton, McAfee, etc. if their name was used in the scam. They may help shut down phone numbers and accounts.

Step 5: Monitor Accounts and Credit

Keep close watch on your financial accounts and credit reports for any further misuse of your information. Sign up for credit monitoring too.

Also change all account passwords and enable two-factor authentication where possible. Only access accounts from a malware-free device.

Avoiding the PayPal Unauthorized Transaction Scam

Here are key ways to protect yourself from this fraud:

  • Carefully inspect email and text senders for spoofing before clicking links or calling numbers. Senders can easily be faked.
  • Verify messages by logging directly into your PayPal account. Check for real activity before believing emails about unauthorized charges.
  • PayPal provides official phone numbers on its website – do not call other numbers mentioned in emails.
  • Legitimate companies don’t demand immediate remote access to your device. Refuse any requests for screensharing or remote control apps from callers.
  • Keep software updated and use strong anti-malware protection to prevent scammers from accessing your device remotely.
  • Use unique complex passwords and enable two-factor authentication wherever possible to prevent account breaches.
  • Educate yourself on common online scams like phishing and tech support frauds so you can recognize the signs.

Frequently Asked Questions About the PayPal Unauthorized Transaction Scam

What is the PayPal unauthorized transaction scam?

This is a scam in which fraudsters send phishing emails or texts pretending to be PayPal. The messages claim suspicious or fraudulent charges were made on your PayPal account through retailers like McAfee or Apple. They tell you to call a “support” number to dispute the charges, but the number actually connects you to criminals.

How does the scam message look?

The phishing emails mimic PayPal’s branding and messaging. They have subjects about unauthorized payments made through your account. The body displays a fake invoice image showing charges for expensive products or services you didn’t purchase.

Does the message come from PayPal?

No, the sender just spoofs PayPal’s information to make it seem real. Scammers fake the “From” email address, phone number, and branding. PayPal never asks you to call support numbers mentioned in unexpected emails or texts.

What happens if I call the number?

The number routes to a fraudulent call center instead of PayPal. Criminals impersonating PayPal agents answer and pretend to help dispute the charges, gaining your trust. Then they trick you into allowing them remote access to your computer so they can steal your personal information and money.

How do the criminals gain remote access?

The fake agent claims they need to initiate a remote session to process your refund and investigate the issue. They guide you through downloading screensharing apps or using built-in tools to take control of your device, masking it as part of the process.

What do the scammers do with remote access?

Having control of your screen allows the criminals to manipulate what you see. They can fake error messages, pretend to refund charges, and even alter banking screens to show unauthorized transfers out of your account to them.

How do the criminals get your money?

The fake PayPal agents pressure you to reverse the fraudulent bank transfers by willingly sending money to them via wire transfers, gift cards, cryptocurrency payments, etc. Victims readily comply to get their money back.

How can I avoid this scam?

Carefully verify message senders. Never call numbers or click links in suspicious texts/emails about your account. Check directly with PayPal first. Don’t allow remote access to callers. Use strong unique passwords and two-factor authentication. Keep software updated. And know the warning signs of scams.

The Bottom Line

The PayPal Unauthorized Transaction scam is a deceitful ploy to steal money by pretending to help victims get refunds. Use awareness of the deceptive red flags and manipulation tactics to protect yourself and your loved ones. Avoid calling or clicking on links in any unexpected messages about unauthorized charges or account issues. Verify messages directly with PayPal via their official site before taking any action. With proper precautions, you can ensure these scammers gain nothing but your distrust.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.