- Recently, there has been a new PayPal email scam going around, but this one is really tricky because the scammers are able to actually generate an email coming from paypal.com, actually. It's not some random domain or lookalike domain. It literally comes from paypal.com. So in this video, I'll explain how they accomplish this, what to do to watch out for and defend yourself, and, of course, what their goal is, like, how does the scam actually proceed if you were to fall for it? 

Before we continue, as a reminder, if you guys enjoyed this video, maybe check out the rest of my channel and consider subscribing and also clicking the bell to enable all notifications. These days, YouTube still might not show you videos even if you subscribe. 

OK, so first, let's go over how this scam works. So first of all, the victim is going to receive a email from PayPal saying you have an invoice for some amount. And the email, like I mentioned, is actually from service@paypal.com. So if you were to follow the usual advice to check the domain, make sure it's actually from them, none of that would work, because it actually comes from PayPal, and you would have to fall back on just general common sense and skepticism. 

In this example, it says there's an invoice for $600 due, and it says Billing Department of PayPal updated your invoice. It also says seller note to customer with a whole thing about how your account was used to buy a Walmart gift card, and if you want to dispute it, here's the number to call for customer service. And there's also a button to View and Pay Invoice. And that actually does go to paypal.com and brings up a legitimate PayPal-- well, not legitimate, but an actual PayPal invoice. 

But here's the thing. All of this is just made up. And actually, their goal is not even to necessarily get you to pay that amount. It's actually to get you to call that fake customer service number. But I'm getting a bit ahead of myself. Let me explain how they actually made this invoice. The thing to understand is anybody, even you, can log in to your PayPal account and create an invoice, a PayPal invoice. In fact, if you go to the top of PayPal and click Send and Request, on the right side, you see an option to send an invoice. And then you can just fill out a bunch of info saying whatever you want. And this is what the scammers did. 

Notice how on the scam email, it doesn't even say the person's name. It just says PayPal user. They're just blasting this out to a whole bunch of people, not targeting any specific person. On the right, you can see how you can choose any logo to add to the invoice and even edit the business info to say whatever you want. And they changed it to just say PayPal Billing Department. For items where it says Walmart eGift Card with a bunch of details like a transaction ID, it's all fake to look legitimate. They just added that to the description field of that item in the invoice. 

And that whole message in the email that talks about how there's evidence that your PayPal account has been accessed, they just wrote that themselves in the seller note to customer field. So all of this is made up by the scammer. Now, I don't know if they generate a new invoice for each individual person, or if PayPal lets you send it out to multiple people, I assume. But either way, each person gets a actual email generated from PayPal because of this fake invoice that gets made. 

And despite them sending you a invoice through PayPal, they're not actually expecting you to pay it. I guess, theoretically, if you were to just say, oh, I guess I owe this money and click it and pay, yeah, it would go to their scam account. But they're actually hoping that you are going to try and dispute it by calling one of the fake customer service numbers either listed in the email in that seller note to customer or under the item description that they also put in. 

According to one article by Brian Krebs-- he's a security researcher-- if you call the number, they basically eventually try to get you to download a remote administration tool like TeamViewer or AnyDesk, which lets them control your computer. They basically tell you to go to some website they set up that's meant to look like some kind of support website generic. And if you go to the support section of it, they have all these support tools, blah, blah, blah. But literally, they just go to download TeamViewer or these programs. They have you install it and tell you, oh, yeah, we're going to help you fix it. 

And then they do all sorts of different stuff, but it's all fake. And if you do end up doing that, they have a whole variety of tricks they can play on you to get money out of you. A lot of times, they'll just bring up the command prompt, run some command that looks complicated and say, oh, look at all these viruses you have and stuff like that. It's a bunch of nonsense. Many times, they'll have you log into your bank account. And what they'll do is they'll trick you into thinking they sent you some amount of money as a refund by transferring money between your own two accounts. And then they'll edit the screen so it looks like you received a refund transfer, but literally it was your own money. 

And they'll also say, oh, no, I made a mistake, or you made a mistake, and I transferred way too much money. I'm going to lose my job. Please send the money back. And that's how they get you. They trick you into thinking they sent you too much money and try to get you to refund the extra back. But really, they didn't send you anything. You're just sending money away. And the way they'll get the money out of you is there's a few different ways. 

One is a common one. They'll try to get you to go to buy gift cards at the CVS. Sometimes they will tell you to go to the bank and wire money somewhere. Sometimes they can even blank the screen out and try to see if they can transfer money directly from your bank account themselves while controlling the computer, and you can't even see it. Sometimes they can't do that, because it requires verification codes from the bank, and they don't want to bother with that. So that's why they try to get you to buy gift cards or go to the bank and transfer it where there's no way to undo it. 

And in regards to these types of scams, I would definitely recommend another YouTuber, Kitboga, who basically messes with these types of scammers, pranks them, wastes their time. It's hilarious to see them get really angry. So while it's entertaining, you can also see how these scams work, how they try to trick people. So once you see a few of these, it's a pretty standard script they follow, and you can see patterns. So it's hilarious, and you can learn a lot. So I'll maybe put a link to one of those popping out there. 

And needless to say, in general, if you're calling customer support about some kind of financial transaction, there is no reason that they should tell you to download something. It's a bunch of nonsense. And really, if you get any kind of notification or email or pop-up telling you to contact customer support, and then they try to get you to download something, that is a massive red flag. It's one of the most common scams in the book these days. 

Anyway, just be aware of this scam. That way, you won't have to worry about it. You won't fall for it if you know how it works. If you guys enjoyed this video, give it a thumbs up, of course, for the algorithm. Again, if you want to subscribe. Also, be sure to click the bell to enable notifications. If you guys want to keep watching, the next video I'd recommend is one I made of another type of new email scam that's becoming way more popular, so much so that the FBI issued a warning about it. So I'll put that link right there. So thanks so much for watching, guys, and I'll see you in the next video.