Uncover the “Sainsbury Gift Card PayPal” Scam Email

Photo of author

Written by: Thomas Orsolya

Published on:

A new phishing scam email purporting to be from PayPal and Sainsbury’s is circulating, attempting to trick recipients into believing they have erroneously sent money for a Sainsbury’s gift card. This fraudulent email includes all the hallmarks of a scam and should not be trusted.

This article will provide an in-depth overview of how this scam works, how to identify it, steps to take if you received the email, and measures to avoid falling victim. With online shopping and digital payments growing rapidly, awareness of such scams is essential to protect yourself.

Sainsbury Gift Card PayPal Scam Email Invoice

Overview of the Scam

The fake “Sainsbury Gift Card PayPal” email claims the recipient has sent a payment of £699.99 to Sainsbury’s for an eGift Card. It instructs the recipient to call a provided UK phone number (+44 203 787 9991) supposedly belonging to PayPal, to reverse the non-existent transaction.

This is a complete fabrication by scammers intended to deceive. The email and phone number are not legitimate PayPal or Sainsbury’s contacts. The scam aims to obtain personal information and money from victims by pretending to provide customer support.

Objectives of the Scammers

The objectives behind this scam email are:

  • Obtain personal information – By calling the number, scammers will try to gather private data like full name, address, banking details, etc. This can then enable identity theft.
  • Install malware – Scammers may try to get victims to download files containing malware that will infect their device and compromise sensitive data.
  • Gain remote access – Scammers will attempt to get remote access to your computer under the pretense of helping reverse the fake transaction. This allows them to steal data directly.
  • Make fraudulent charges – With your personal and banking information, scammers can make unauthorized transactions from your accounts.
  • Extort money – Scammers will pressure and manipulate victims into sending money via wire transfers, gift cards, cryptocurrency, etc. to “cancel” the non-existent transaction.

Why Sainsbury’s and PayPal?

This scam email exploits two well-known UK brands that many people would reasonably have accounts with or make online transactions for groceries and shopping. Using trusted company names makes the email appear more legitimate and tricks unsuspecting recipients.

The scammers aim to create a sense of urgency and threat, making recipients more likely to contact the number without carefully examining the email first. Failing to identify this as a scam can have severe financial consequences.

How the Scam Works

The scammers operate this fraud through the following process:

  1. Send phishing email – Using the spoofed “@Sainsbury.com” sender address, scam emails are distributed en masse to potential victims. The email is made to look like official correspondence from PayPal and Sainsbury’s.
  2. Recipient contacts number – Worried recipients call the phone number provided, believing they are contacting PayPal customer support. The number is answered by scammers posing as representatives.
  3. Scammer verifies personal information – To “pull up your account”, the scammer asks for personal information – name, address, date of birth, credit card details etc.
  4. Scammer provides fake support – The scammer makes up reasons why the payment is pending and needs to be reversed, asking the victim to install software, provide credit card info, share login details, etc.
  5. Scammer pressures victim for money – Ultimately, the scammer insists the victim send money urgently via wire transfer, prepaid gift cards, cryptocurrency, etc. to cancel the non-existent transaction.
  6. Scammer disappears – Once payments are made, the scammer disconnects communication and disappears with the victim’s money and information.

How to Spot This Scam Email

While this email may look convincing at first glance, there are several indicators that reveal it as an outright scam:

  • Sender address – The email comes from a @Sainsbury.com address. Real PayPal emails would never be sent from a grocery retailer’s domain.
  • Generic greeting – Addressing the recipient simply as “Hello” or “Hi”, rather than their name, indicates a mass-sent scam email.
  • Spoofed phone number – The +44 203 number does not belong to any legitimate PayPal or Sainsbury’s customer service. The number is controlled entirely by scammers.
  • Request for personal information – PayPal would never cold call to confirm sensitive account details like SSN, bank account numbers, etc. over the phone.
  • Sense of urgency – Tactics like “call immediately” and threats of account suspension are intended to panic recipients into contacting the scammers without thinking.
  • Poor grammar/spelling errors – The email contains typos, awkward phrasing, and formatting mistakes no official correspondence from PayPal would have.
  • No transaction details – Beyond the amount, no specific details of the supposed erroneous Sainsbury’s gift card transaction are provided.

Verifying the Email and Number

To confirm this email is fake, you can contact PayPal’s official customer service through their website and app. Do not use any number provided in the suspicious email. You can also call Sainsbury’s to inquire if they sent the email.

Searching online for the phone number will also reveal other reports of the number being used in similar gift card scams – proof it is not legitimate.

What to Do If You Receive This Scam Email

If this fraudulent PayPal and Sainsbury’s email appears in your inbox, take the following recommended steps:

  • Do not click any links or call the number – This could compromise your device or lead to you falling victim via the scam call center.
  • Forward to PayPal phishing email – Forward the scam email to PayPal at phishing@paypal.com to report the phishing attempt.
  • Report the email – Report the scam email as phishing/spam within your email client. This helps warn others of the scam.
  • Change passwords – Even if you did not fall for the scam, it is wise to change passwords for your PayPal account and any other financial accounts as a precaution.
  • Monitor accounts – Keep an eye on your PayPal, bank, and credit card statements over the next weeks for any signs of unauthorized access or activity. Report it immediately if detected.
  • Update security – Enable two-factor authentication on your PayPal account and other important accounts to add an extra layer of security from phishing attacks.
  • Warn contacts – Let your friends and family know of the new scam email targeting PayPal and Sainsbury’s customers, so they can identify and avoid it.

Avoiding Gift Card Payment Scams

While this specific email refers to Sainsbury’s, similar scams impersonating major retailers, tech companies, government entities, etc. are common. Here are some top tips to avoid becoming victim:

  • Know legitimate payments – Real companies will never cold call or email demanding emergency payments via gift cards, cryptocurrency, wire transfers etc. These are scammer-preferred payment methods.
  • Double check domains – Email addresses can easily be spoofed. Verify that any call-to-action links point to legitimate web domains – not slight misspellings.
  • Do not trust caller ID – Scammers often spoof real customer service numbers. Independently lookup and call official numbers listed on the company’s website.
  • Never share passwords or pin codes – Real reps will never ask for your full password or code. Only scammers make such requests.
  • Avoid clicking links – Even if an email looks legitimate, clicking included links can expose you to malware, spoof sites, or other threats. Manually navigate to sites if needed.
  • Use antivirus software – Malware and viruses can compromise your data and enable scams. Keep your computer protected.
  • Enable MFA/2FA – Multifactor or two-factor authentication (via SMS, authenticator apps, security keys etc) adds crucial account protection beyond just passwords.

Staying vigilant against scams and equipping yourself with knowledge of common techniques is key to avoiding becoming another victim.

What to Do if You Fell Victim to This Scam

If you unfortunately called the number and fell victim to the scam, take these steps immediately:

  • Contact your bank – Alert your bank and credit card companies to reversed any fraudulent transactions or stop payments. Cancel any cards compromised.
  • Change passwords – Change the passwords for all your online accounts, prioritizing financial accounts and your email account. Enable MFA where possible.
  • Scan devices – Run comprehensive antivirus scans to remove any potential malware installed during the scam call.
  • Report to authorities – File a report about the fraud with local law enforcement and bodies like the FTC and IC3. Provide all details of the scam.
  • Inform companies – Contact PayPal, Sainsbury’s, and any companies the scammers now have information on to warn them of potential account abuse.
  • Monitor credit – Keep a close eye on your credit reports with Equifax, Experian, and TransUnion for any signs of fraudulent accounts or activity. Consider a credit freeze.
  • Seek other guidance – Consult with your bank, experts, government agencies, and resources like VictimSupport.org to secure accounts and recover lost funds.
  • Warn others – Share your experience publicly or with friends and family to prevent others from falling victim to the same scam.

Frequently Asked Questions

Is this email really from PayPal?

No, this scam email is not sent by PayPal. It spoofing PayPal’s branding and identity in order to trick potential victims. PayPal would never contact you demanding emergency payments via unusual methods or asking for sensitive personal data over a call.

Can PayPal reverse a gift card payment?

PayPal cannot reverse or refund payments made with gift cards, as the transaction occurs entirely between the retailer and card provider. PayPal also cannot cancel a gift card payment without collaboration from the retailer. This demonstrates the scam’s claims are implausible.

Is the customer service number real?

The +44 203 phone number included in the email is not a legitimate PayPal customer service line. This number is controlled entirely by scammers. Do not trust any number provided in a suspicious, unsolicited email.

Can I tell if an email is real by calling the company?

No, you should not call any number included in a suspicious email, as it likely leads to scammers. Instead, independently lookup the real customer service number by visiting the company’s official website and calling that number to verify an email’s legitimacy.

What happens if I share my information with the scammers?

Providing personal, financial, and account information enables the scammers to steal your identity, make fraudulent transactions, take over accounts etc. Never share sensitive data like passwords, SSNs, or bank details with unverified parties demanding them urgently over a call.

Conclusion

This “Sainsbury’s Gift Card PayPal” phishing scam exploits trusted brand names in an attempt to dupe innocent recipients and steal money and data. By understanding common techniques used in such frauds, examining emails carefully, and following security best practices, users can avoid becoming victims. Remaining vigilant and proactively warning others is crucial to protect yourself and prevent these scams from claiming more victims.

10 Rules to Avoid Online Scams

Here are 10 practical safety rules to help you avoid malware, online shopping scams, crypto scams, and other online fraud. Each tip includes a quick “if you already got hit” action.

  1. Stop and verify before you click, log in, download, or pay.

    warning sign

    Most scams win by creating urgency. Verify using a trusted method: type the website address yourself, use the official app, or call a known number (not the one in the message).

    If you already clicked: close the page, do not enter passwords, and run a malware scan.

  2. Keep your operating system, browser, and apps updated.

    updates guide

    Updates patch security holes used by malware and malicious ads. Turn on automatic updates where possible.

    If you saw a scary “update now” pop-up: close it and update only through your device settings or the official app store.

  3. Use layered protection: antivirus plus an ad blocker.

    shield guide

    Antivirus helps block malware. An ad blocker reduces scam redirects, phishing pages, and malvertising.

    If your browser is acting weird: remove unknown extensions, reset the browser, then run a full scan.

  4. Install apps, software, and extensions only from official sources.

    install guide

    Avoid cracked software, “keygens,” and random downloads. During installs, choose Custom/Advanced and decline bundled offers you do not recognize.

    If you already installed something suspicious: uninstall it, restart, and scan again.

  5. Treat links and attachments as untrusted by default.

    cursor sign

    Phishing often impersonates delivery services, banks, and popular brands. If it is unexpected, do not open attachments or log in through the message.

    If you entered credentials: change the password immediately and enable 2FA.

  6. Shop safely: research the store, then pay with protection.

    trojan horse

    Be cautious with brand-new stores, “closing sale” stories, and prices that make no sense. Prefer credit cards or PayPal for dispute options. Avoid wire transfers, gift cards, and crypto payments.

    If you already paid: contact your card issuer or PayPal quickly to dispute the transaction.

  7. Crypto rule: never pay a “fee” to withdraw or recover money.

    lock sign

    Common patterns include fake profits, then “tax,” “gas,” or “verification” fees. Another is a “recovery agent” who demands upfront crypto.

    If you already sent crypto: stop paying, save evidence (wallet addresses, TXIDs, chats), and report the scam to the platform used.

  8. Secure your accounts with unique passwords and 2FA (start with email).

    lock sign

    Use a password manager and unique passwords for every account. Enable 2FA using an authenticator app when possible.

    If you suspect an account takeover: change passwords, sign out of all devices, and review recent logins and recovery settings.

  9. Back up important files and keep one backup offline.

    backup sign

    Backups protect you from ransomware and device failure. Keep at least one backup on an external drive that is not always connected.

    If you suspect infection: do not connect backup drives until the system is clean.

  10. If you think you are a victim: stop losses, document evidence, and escalate fast.

    warning sign

    Move quickly. Speed matters for disputes, account recovery, and limiting damage.

    • Stop payments and contact: do not send more money or respond to the scammer.
    • Call your bank or card issuer: block transactions, replace the card if needed, and start a dispute or chargeback.
    • Secure your email first: change the email password, enable 2FA, and remove unfamiliar recovery options.
    • Secure other accounts: change passwords, enable 2FA, and log out of all sessions.
    • Scan your device: remove suspicious apps or extensions, then run a full malware scan.
    • Save evidence: screenshots, emails, order pages, tracking pages, wallet addresses, TXIDs, and chat logs.
    • Report it: to the payment provider, marketplace, social platform, exchange, or wallet service involved.

These rules are intentionally simple. Most online losses happen when decisions are rushed. Slow down, verify independently, and use payment methods and account controls that give you recourse.

Previous

Remove News-Sisuyu.com Pop-up Ads [Virus Removal Guide]

Next

The Tesla Investments Scam – Don’t Become the Next Victim