ProtectYourParents.org

Novel Scams & Tricky Patterns

These are the weird, creative scams that don’t always fit on a one-page checklist. Use these stories as conversation starters with your parents, grandparents, or anyone who might be targeted. The goal isn’t to memorize every trick, but to recognize how scammers think.

Names and minor details may be changed or generalized to protect privacy. This page is for educational purposes only and is not legal or financial advice.

Bank / Account Alerts Romance & “Wrong Number” Tech Support & Remote Access

The PayPal alert that really was from PayPal… but still a scam

Bank / Account Alerts

Pattern: Real PayPal email + fake “customer service” details inside

This one fooled even very tech-savvy people — including my partner, almost. She sent it to me and asked "this is a scam, right?". The email came from service@paypal.com, had the official PayPal blue checkmark, and Gmail verified that the sender really owns paypal.com. And yet… the entire thing was a setup to get the victim to call a scam phone number. That's why this is so tricky!

This is a perfect example of a “novel scam”: scammers using a legitimate platform to deliver fraudulent content. The email is real — the message inside it is not.

Screenshot of PayPal email showing automatic payment notice
The email really is from service@paypal.com — that part is legitimate.

How the scam actually works

A scammer creates (or compromises) a PayPal merchant account. With that account, they can generate an “automatic payment” or subscription update — something PayPal is supposed to notify you about.

Inside those merchant settings, the scammer can write anything they want in the description, note from seller, or customer support fields. PayPal then automatically includes that text in an email sent from its own verified domain.

The result: a perfectly authentic PayPal email containing an absolutely fraudulent message typed by the scammer.

Zoom of scam email showing fake Samsung purchase
Looks like a billing update from Samsung. But here’s the twist…

Red flags in this email

  • Dates and billing cycles that make no sense
    The billing cycle starts in 2027, years in the future.
  • Panic language + phone number to call
    “If this wasn’t you, call 805-xxx-xxxx.” That phone number is the scammer’s real goal.
  • “Customer service email” is a Gmail account
    A big brand like Samsung does not use samsung@gmail.com for billing issues.
  • Mixed currencies and bad formatting
    ¥1499 JPY vs 1465.00 USD in the same message, random spacing, and strange capitalization.
  • Poor grammar and punctuation
    Real PayPal copy is usually clean and consistent. Sloppy writing is often a clue.
Zoom showing customer service email listed as samsung@gmail.com
A fake “customer service” email buried in the details. This is where the scammer wants victims to go.

Why Gmail still shows it as “Verified”

Gmail checks if the email server sending the message really belongs to PayPal. And in this case, it absolutely does — PayPal is the one sending the email.

Gmail does not verify whether the content typed by a merchant is honest. So the scammer gets a completely legitimate delivery channel to push panic-bait text.

Zoom of Gmail verified sender popup saying signed by paypal.com
The sender is verified. The message content is not.

What the scammer wants you to do

Every part of this email funnels you to call the number in the message. Once on the phone, they’ll pretend to be PayPal or Samsung support and escalate quickly:

  • Tell you you've been hacked and ask for remote access to your device.
  • Get your credit card details and charge you fraudulently.
  • Ask for verification codes, passwords, or other sensitive info.
  • Try to keep you on the phone so you can’t pause and think.
Screenshot showing suspicious text and phone number in the email body
The fake “call this number immediately” line is the entire point of the scam. Look at the font changes!

Safer way to handle it

  1. Do not call the phone number in the email.
  2. Log in to PayPal yourself (type paypal.com or use the official app) and check your Activity and Automatic payments.
  3. Call your bank using the number on the back of your card if you’re worried about a charge.

This story is for educational purposes only. Always confirm directly with your bank or PayPal using official contact information.

See something strange that doesn’t fit any of these patterns?

  • Write it down or take a screenshot.
  • Talk it through with a trusted family member or friend.
  • Use the Is This a Scam? page to look for common warning signs.

This page will change over time as new scam patterns show up. The goal isn’t to chase every tactic, but to build a habit of slowing down, double-checking, and asking for help before money leaves your account.