Stolen with a Click: The Booming Business of PayPal Scams

McAfee Labs observed a dramatic increase in PayPal-related phishing emails in February 2025, driven by a focused campaign using "Action Required" account suspension lures, fake invoices, gift card offers, and survey scams to trick users into clicking malicious links. The report provides examples of phishing messages, highlights red flags (suspicious senders, non-PayPal domains, urgency tactics), and offers practical user-focused protections such as verifying communications via the official PayPal site, scrutinizing email addresses, enabling two-factor authentication, and reporting suspicious activity.