Paypal Scams

How REAL Frauds Occur Most Of The Time Through PayPal

Before I start revealing the methods to fight refund claims your buyers are making against you, it’s important you understand what types of REAL frauds exists when it comes to payment processing companies and how you can prevent from being a victim yourself…

Internet Fraud

An Internet fraud (online scam) is the use of Internet services or software with Internet access to defraud victims or to otherwise take advantage of them; for example, by stealing personal information, which can even lead to identity theft.
A very common form of Internet fraud is the distribution of rogue security software. Internet services can be used to present fraudulent solicitations to prospective victims, to conduct fraudulent transactions, or to transmit the proceeds of fraud to financial institutions or to others connected with the scheme.
Research suggests that online scams can happen through social engineering and social influence. It can occur in chat rooms, social media, email, message boards, or on websites.

Purchase Frauds

Purchase fraud occurs when a criminal approaches a merchant and proposes a business transaction, and then uses fraudulent means such as a stolen or fake credit card to pay for it.
Thus, the merchant does not get paid for the sale. Merchants who accept credit cards may receive a chargeback for the transaction and in the process, lose money.
The most common fraud takes place using credit cards. This is when the account numbers and PIN numbers are obtained when a transaction is done.
The fraudster (s) use this information to withdraw money from the unsuspected individual.
During this transaction people may steal this buyer's identity and act as him and request payment to an offshore account with an excuse that is not verified to be true and an excuse to steal the said credit card.

Security Measures Taken By Payment Processing Companies Such As PayPal

Anyone who has been working online for more than five minutes will be more than aware that credit card fraud is an increasing problem in the world of Internet business.
So it is that a payment processing company like PayPal must adopt a very serious attitude to all aspects of potential credit card fraud and related financial problems, such as identity theft and phishing.
Thus, when you first register or log on to the PayPal site, they will immediately verify that your Internet browser is capable of accepting and running one of the most advanced security systems currently available online, known as Secure Sockets Layer 3.0 (SSL).
This system ensures that any information passing back and forth between the PayPal website and your computer is protected by the SSL 3.0 encryption key, which offers 128-bit security that is the strongest currently commercially available anywhere in the world.
In addition, PayPal claim that ttheir computersystems are armed and equipped with the highest levels of anti-fraud algorithms yet created, and that these computer-based fraud detection procedures are assisted by several hundred human fraud detection specialists working around the clock, 24/7.
Thus it is probably true to say that PayPal are doing everything that they possibly can do to protect their customers from fraud and all other forms of financial malfeasance, although of course, nothing is ever perfect and there is little doubt that these systems can always be improved.

Exposure To Fraud

Given the sums of money that we have already established PayPal manages to turnover in a year, it would obviously be an extremely attractive proposition for any resourceful thief or fraudster to break into their system, or, at the very least, gain access to your account.
One of the most common ways that Internet criminals will attempt to do this is by sending false e-mail messages purporting to be from PayPal, as well as creating fake or ‘spoof’ websites that are again designed to look as much like the original PayPal site as possible.
The objective in both of these situations is identical.
That is, the sender of the e-mail or fake website builder wants you to open the mail and/or click on the entrance to the fake site, and then login using your username and password.
Once you do so, then you have effectively gifted them your login details, and it is then a few very simple short steps to successfully accessing your account, and stealing whatever money you have in there,
Therefore, the very simple rule is that if you do receive a notification that appears to come from PayPal in your e-mail inbox, do not under any circumstances reply directly to that mail.
Instead, you should immediately login to your PayPal account in the way that you normally do as a completely separate action, and try to discover whether the e-mail that you just received was related to a genuine problem or not by visiting various different areas of your account ‘dashboard’
Another hint that such an e-mail might be an attempted ‘rip-off’ or ‘spoof’ is that the false ones are unlikely to have your name at the top in the salutation (The ‘Dear’ something bit).
Most spoof mails will be addressed to ‘Dear PayPal Account Holder’ or some such generic term, rather than addressing you by name (they are Spamming out thousands of these e-mails at a time to hundreds of entirely unknown recipients, after all!)
A mail from the real PayPal will on the other hand always be addressed to you personally, and thus an ‘unaddressed’ mail that does not ‘greet’ you by name is more than likely to be an attempt to steal your PayPal login details.
But, you must appreciate that the fraudsters and scam merchants are very smart, and that the false mails that they send out are almost identical to the real thing.

Here’s an example. I have my own PayPal account, and this mail recently arrived in my inbox:

Oh, oh, trouble! So, I open the mail (after virus checking):

Luckily for me, they made a typo in the date... That's how I saw it... Instead of writing 2017, they wrote 2007 - LOL!
When I hovered with my mouse over the link, it wasn't leading to a PayPal URL at all.
It has the correct PayPal logo attached, and as someone who has had genuine mails from PayPal of this type, the case numbers applied to the mail look genuine.
However, there are three giveaways that tell me that this is an attempted ‘phish’.
First, the original mail notification that arrived in my inbox did not have the case number attached to the notification. A genuine PayPal would do so.
Second, there is no salutation, no ‘Dear Mr. X’ at the top of the mail.
And, thirdly, there is the bit about acting by [X,Y,Z Date] otherwise the company will ‘suspend your account indefinitely’.
This is an obvious attempt to make you act rather than think, and something that I have never seen in a genuine PayPal mail. So, it is a very sophisticated attempt to ‘phish’ for your account details, and if I were to click on that link, I would definitely be in trouble!
However the fraudsters do it, such attempts at identity theft will normally try to send you directly to a bogus ‘spoof’ website, where you will be invited to input your login details. Of course, you must not do so under any circumstances.
Instead, here is one thing that you can try that might give you another indication that the site is a fake.
Look all over the page and search for links that you would not under normal circumstances be expected to click.
For example, see if there is a ‘Disclaimer’ link or one for ‘Terms of Service’, either of which would generally tend to be links that almost no-one ever clicks on.
But, you should try it, because often, the thieves who design such fake websites are thoughtless and lazy, and they do not make the effort to ensure that all of the links on the page actually do what they are supposed to.
So, it is entirely possible that by clicking an unexpected link, you will find that you are returned to exactly the same webpage rather than being taken to the genuine ‘Disclaimer’ or ‘Terms of Service’ in the way that you would if you were really visiting the genuine PayPal website.
This would provide you with another very strong indication that you are dealing with a site that was established as a ‘phishing’ front for illegal business, trying to steal your details.
Try to avoid accessing your PayPal account (or indeed any other sensitive financial information) from Internet cafes or any other place where the computer that you are using is freely available for public usage.
It is not unheard of for such machines to be rigged so that your login information can once again be recorded and subsequently stolen.
Even when you are using your own private laptop machine, there are times when extreme caution is necessary too!
For example, you should also be extremely careful about logging in to your PayPal account in any densely peopled public area such as an airport departure lounge, railway station or public library especially when using a WiFi connection. In these circumstances it is extremely easy for a cyber criminal to intercept and steal your login information, and very difficult for you to spot them, given the number of people who are wandering about.
Even at home, if you are using an unsecured WiFi connection, you must be careful.
Although there is significantly less danger inherent in accessing your PayPal account in this situation, nevertheless, you should understand that it is called an unsecured connection for a very good reason!
The bottom line is that whenever that you want to log in to your PayPal account, you should do so only by visiting the same login page that you always use, and, if possible, only doing so from an internet connection that you know is secure.

To Avoid Getting Your Own PayPal Account Hacked, It’s Important That You Know How To Recognize Fake Emails

When you get an email from PayPal, always check the “From” field to see who sent it. Many times, you’ll find ridiculous yet confusing things like [email protected], [email protected], etc. Sometimes it will even be “[email protected]”, but looking carefully will reveal this is just the name of the sender, and the address is quite different.
In some cases, though, the Paypal scam artists are very smart, and the email does seem to come from the right email address for all intents and purposes. But don’t worry, you still have ways to find them out.

• Look at the email’s greeting

A genuine PayPal email will always use your full name or business’ name in the opening.
If you see something like “Dear PayPal Member”, “Dear PayPal Customer”, “Dear Customer”, “Hello”, “Dear member”, or anything to that effect, ignore it. This is a sure sign you’re dealing with a fake email.
Does the greeting say “Hello <your full name”? Continue checking the next points to make sure.

• Look at the “SENDER” email address

A genuine Paypal email will always hold their domain url.
For example: [email protected]
A scammer will send you something like: [email protected] or [email protected] (which is not a Paypal owned Domain)

• Are there attachments?

Does the email ask you to “see the enclosed attachment for more details?”
Is there anything at all attached to the email?
If so, feel free to ignore it. Genuine PayPal emails never include attachments, and will always prompt you to log in to your account to see whatever you need to see. No attachments?
On to the next sign...

• Are there links? Check them

If you look at your genuine PayPal emails you’ll find that most of them don’t contain links you need to click at all.
This includes notifications of sent payments, money transfers, and others. Some emails, such as notifications about received payments or signing up for preapproved payments will include links.
If you do see links, a great way to verify them is to hover over them and see where they actually lead (without clicking!). All genuine links will leads to https://www.paypal.com/***.
If you see anything else, including the correct address in a non-secure website (http:// instead of https://), don’t click it, and ignore the email. Most scam emails will include links to fake websites, as this is a great way to steal your login information.
You can also examine the link’s text. Does it say something like “Click here to activate your account”? Or “Confirm my account”? These are most probably fake.
But don’t ever rely on text alone, always check where a link leads to in order to make sure.

• Does the email ask for personal information?

Does the email ask for any personal information such as credit or debit card numbers, bank account details, driver’s license number, email addresses, or passwords? Ignore, ignore, ignore.
PayPal will never ask for any personal details in an email.

• Grammar and spelling

This is a no-brainer, but it’s nonetheless important. Many of these Paypal scam emails are written in bad English and include grammar and spelling mistakes.
Naturally, genuine PayPal emails don’t have mistakes, so this is a quick and easy way to tell them apart.
Another telltale sign is the use of punctuation marks. “Attention!”, “Your PayPal Account has been limited!”, “Thank you for using your bank account!” “Cancel transaction!”, are all signs of a spoof email.