Criminals are at it again, this time perpetuating a scam involving PayPal. At first glance, the email looks legitimate, and that’s exactly why cybersecurity experts say this scheme is so dangerous. Criminals are now exploiting PayPal’s real email system to target unsuspecting users. The scheme works by sending tiny payments — sometimes as little as one cent — to random PayPal accounts. That action automatically triggers an official email from PayPal, making the message appear authentic. Inside the payment note, fraudsters often include alarming claims, such as a large unauthorized purchase or a warning that the account has been compromised. The message then urges recipients to call a customer service number for help. The catch: the phone number doesn't belong to PayPal. Instead, victims are connected directly to criminals who attempt to steal passwords, banking information, or even gain remote access to computers. Experts say the scheme is effective because it creates panic and pressures people to act quickly before verifying the information. If you receive something unexpected, never respond directly to the incoming message. Always initiate contact yourself by going directly to the company’s website or using the number on the back of your card, and never allow someone on the phone to guide you through logins or take remote control of your computer. Never click on links in an email or call phone numbers. Other things you can do to protect yourself include logging in to PayPal directly to verify account activity, enabling two-factor authentication, and using strong passwords. Experts say the best defense is simple: don’t click, don’t call, and always verify first.
