Weird Paypal E-Mail Confirmation: Beware, It’s A Scam

Weird Paypal E-mail Confirmation: Beware, It’s A Scam!

paypal scam

Ever gotten a weird PayPal e-mail confirmation for something that you definitely didn’t buy? “You submitted an order amounting to $39.97,” it might say. Below you might see a very legitimate-looking receipt, complete with all of the PayPal logos. There’s no pidgin English, no requests for your password, none of the usual signs of a scam. It innocuously lists the merchant, the amount that will be taken out of your account, and a button to view, cancel, or review your transaction. Even the font looks like a normal PayPal confirmation.

“Am I going crazy?” you say to yourself. “I don’t remember ordering this at all. I wonder if my account might have been hacked.”

You mumble to yourself about those darn Internet scam artists and click on the link in the e-mail, ready to sign into your account and cancel the transaction before it goes through. Little do you know that you’ve already been scammed!

A World of Phishermen

The e-mail described above is designed to “phish” personal information from you. It lures you in with a legitimate looking confirmation for a transaction that you didn’t make, then it offers a link to a site that looks like PayPal so that you will sign in. Behinds the scenes, however, the site that you’re being directed to isn’t PayPal at all; it is a fake website designed to allow the scammers to capture your password.

After that, they can take over your account, use your funds, and steal all kinds of personal information. If you ever receive an e-mail like this, delete it immediately or report it to PayPal! Do not click on any links and don’t allow the e-mail to redirect you to any sites. If you need to look over your latest transactions, go to your browser bar and manually head over to yourself.

If you don’t see any transactions like the kind described in the e-mail when you sign into the legitimate site, then you will know beyond a doubt that the e-mail you have received is a scam.

Too Smart for Scams

The reason why this scam is so effective is because it’s so casual. It doesn’t outright ask for your password, but rather relies on that natural human tendency to worry about false credit card charges (“Have I been hacked? Did my kid get into my account again and buy the whole store?”) and the tendency for people to be lazy and just click on the links offered in support e-mails themselves. It’s just not a very obvious, in-your-face scam and this is why it’s so powerful, especially if it’s something that you don’t expect.

Some of the most vulnerable people are those who think that they might be too smart for scams, or that they can tell if something is fake right away because of “obvious signs.” This one is not very obvious at all.

Signs You Are Being Phished

phishing scamsIn this particular version of the scam, however subtle it may be, there were indeed some signs that told me it was a scam when I received it:

1) The sender’s e-mail address was not from PayPal.

People normally don’t check the sender’s address, but this can often be a dead giveaway. In this case, the scammer was pretty sneaky because he or she actually used what appeared to be a domain, which many people trust. The truth is that it may be possible for a scammer to be able to register an e-mail address like this, through various methods, so it’s best not to give the top-level domain of an e-mail address too much weight.

Just keep to this simple rule: If it is a confirmation e-mail allegedly from your PayPal account, and the e-mail address is not from, then be suspicious. The simple solution is to just go to on your own and sign into your account.

2) The e-mail doesn’t state your name.

One of the ways that PayPal and other companies signal to you that your e-mail is legitimate is to include your name in their correspondence. After all, if they were just a random criminal spamming thousands of accounts, they would be less likely to know your legal name. If they just say “Dear Customer” or nothing at all, be suspicious.

Note, however, that it is not impossible for a scammer to know your name, so don’t take the presence of your legal name as irrevocable proof that it’s not a scam. In fact, barring time constraints, it’s trivial to find out what most people’s full names are and where they live. For phishing scammers who work with high volumes of e-mails, though, this collectively represents a lot of work, so usually, you will just get a generic e-mail.

3) There is no delivery address.

In my version of the “confirmation e-mail,” there was no delivery address. It simply said “Home address – Confirmed.” This can be easily missed upon casual inspection, but if you notice this and think about it, it makes no sense. What’s the point of a confirmation e-mail if the company is not going to provide very basic details like the address that the parcel will be delivered to? It is not normally considered a security concern to send this information via e-mail, so there’s no reason to omit it.

As you can see, this is very fishy and you should immediately distrust a shipping confirmation with no shipping information! As with point #2, though, if your address does happen to be present, this doesn’t mean the e-mail is necessarily legitimate, either. It could just mean that you were subjected to a more targeted phishing attempt.

4) Tiny, Quibbling Details

Even if the grammar, spelling, and punctuation in the e-mail is okay for the most part, occasionally there will be small mistakes that a large company probably wouldn’t make. For instance, in the e-mail I received, the button with the malicious link said “view, cancel or review your transaction.” In American English (PayPal is an American company), typically one would put a comma after “cancel” as well, but this is missing from the e-mail. Little things like that will tip you off, but you probably have to be a grammar fiend to notice them.

The Solution, in Any CasePaypal phishing scam


If you have any doubts at all—at all—then go to PayPal’s website and contact PayPal directly. If someone really did buy something using your account without your knowledge, then PayPal would be able to cancel the transaction. On the other hand, if it turns out that the confirmation was indeed fake, then you will save yourself from getting scammed for your personal information.

7 comments on “Weird Paypal E-Mail Confirmation: Beware, It’s A Scam”

  1. roamy Reply

    Hi there
    Thanks for the heads up, there are so many scams out there it`s hard keeping track of them alone.
    With scammers using a big name like PayPal, I’m sure it can catch you off-guard and you sign before checking the fine lines and the little details that do not make sense.
    Im lucky PayPal contacts me in German language and their address always includes their( .ch dot CH) adress instead of the international .com(dot com) so any emails I get from PayPal, if it does not have these 2 then there is something wrong with it unless the scammers figure this out.
    Another thing I always keep in mind is that PayPal always adress people by name, most scammers do use the “hello Madam/Sir”. Still, very informative and worth reading.

    • SJB Reply

      Hello Roamy,

      It’s so nice to hear form you. I almost got caught with the Paypal email scam. Now I know that Paypal only writes to you to send you receipts for money that we have spent and money that we have received.

      All of these online scams could get hard to keep up with. I’m trying my best to keep up and inform my readers as fast as I can. 😉

      Keep in touch.


  2. Warren Reply

    Love this article. Most of the emails I get (if not all) from paypal are scams. The logo doesn’t look quite right or I know everything is peachy with Paypal. Then all the things you mention occur. When I’m ever in doubt, I enter the exact wording into Google and see what I get. Overwhelmingly it says SCAM!!!

    • SJB Reply

      Hello Warren,

      I must admit that it took a few emails for me to realise that these were a scam. I have a tendency to always see the good in things. Since I’ve been blogging, I am much more vigilante and make it a habit to always research on Google before I actually answer an email that seems a bit bizarre to me. Thanks for your comment.

  3. Elizabeth Smithwick Reply

    A real Paypal email will never include attachments. Because they can contain spyware or viruses, you should never open an attachment unless you are 100% sure it’s legitimate.

    • SJB Reply

      You are so right! We have to be more and more careful with these types of emails. They seem to be coming in from all over the place: banks, Facebook, E-Bay, etc…Thank you for reading my article, Elizabeth.

Leave A Reply

Your email address will not be published. Required fields are marked *


CommentLuv badge