If you get an unexpected invoice from PayPal the best thing you can do is report it and ignore it.
The email might come directly from PayPal, but you shouldn’t call the number listed and you shouldn’t send money. It’s a phishing scam.
What will the email look like?
The subject line will be something like: “Invoice from NAME (####).” In my case, it claimed to come from “Bitcoin Exchange,” which I had never used so that was my first red flag.
There have been reports of suspicious invoices for gift cards, notes that “your PayPal account has been accessed unlawfully,” or for charges made by PayPal itself.
“Here’s your invoice,” the email reads. “Bitcoin Exchange sent you an invoice for $499.99 USD Due on receipt.”
What to do if you receive a PayPal invoice scam email
The email looks so real because it likely did come from PayPal. Scammers discovered your PayPal account and sent you an invoice.
To be safe, do not click the button asking you to pay the invoice. Instead go directly into your PayPal account and visit the “bills” section, you will be able to find the invoice there.
In my case, I did not respond to the invoice and it eventually vanished on its own. PayPal said you can cancel any unwarranted invoices or money requests.
What do the scammers want?
The scammers want you to send money or call the number listed in under the “Seller note to customer” section.
Do not call that number. If you do call that number, they will then try to convince you to give them your personal information. They could use your information to empty your bank account or steal your identity.
Watch out for any emails warning you to call quickly to resolve an “issue” -- they are likely scam emails.
PayPal now includes warning in invoice emails
As more reports come out about this phishing scam, PayPal has added a warning to invoice emails.
What to do if you receive a PayPal invoice scam email?
If you receive an invoice that you suspect is fake or for a purchase you know you didn’t make, do not pay it, and do not respond using any links or phone numbers in the email.
Instead, log directly into your PayPal account using the official app or a trusted browser. Check your purchase history to make sure that you haven’t been fraudulently billed.
If you have been billed, you can contact PayPal’s Resolution Center to report the fraud. If you have not been billed, then this was just an invoice. You should forward the invoice scam email to PayPal.
- Forward suspicious emails and texts to firstname.lastname@example.org
- Click here to learn more tips on how to avoid a PayPal scam
If you are still concerned about the security of your PayPal account you can update your information and change your password just in case.
What to do if you fell for a PayPal invoice scam?
You should immediately contact PayPal through the contact page in their Help Center or by calling customer service at 1-888-221-1161.
If there is a payment that you did not authorize you should contact PayPal through the Resolution Center.
You can also file a police report with the fraud division of your local police department.
Report phishing to the FTC
If you get a phishing email or text message you can report it to the Federal Trade Commission (FTC).
- If you got a phishing email, forward it to the Anti-Phishing Working Group at email@example.com.
- If you got a phishing text message, forward it to SPAM (7726).
- Report the phishing attempt to the FTC at ReportFraud.ftc.gov.