PayPal is one of the most popular and secure ways to make online purchases, but that doesn’t mean your account is 100% safe. No online platform is completely free from the risks posed by hackers and scammers. Learn what to do if your PayPal account is hacked, and use a powerful online security app to help prevent hacking and other online threats.
Signs your PayPal account has been hacked include unauthorized transactions, being locked out of your account, notifications suddenly stopping, and unfamiliar devices logging into your account. If you spot something suspicious, monitor your accounts for unusual activity and contact PayPal’s customer support.
PayPal is a secure and reliable payment app, so if your PayPal account is hacked, it’s typically because cybercriminals have targeted you via a password cracking, phishing, or malware attack, rather than a specific weakness in PayPal’s security measures. That’s why it’s so important for individual users to be vigilant.
Here are some of the biggest red flags your account has been hacked:
You see unauthorized activity on your account: Transactions you don’t recognize or didn’t make are a clear sign that your account’s been hijacked.
You can’t log in: If you can’t sign into your account with your usual password, that may be because hackers have changed it.
Your notifications stop: If you’re no longer receiving notifications about your account, it could indicate that a hacker changed the contact information.
There are unfamiliar devices connected to your account: Regularly check the devices that have logged in to your PayPal account by going to Settings > Security > Manage your logins (computer only).
If hackers get into your PayPal account, they have full access to your funds, meaning they can steal money, make unauthorized purchases, and exploit any linked bank accounts or credit cards to withdraw even more funds. As well as financial theft, hackers could conduct fraud or launder money under your name, or sell your personal and financial information on the dark web.
To recover a hacked PayPal account, change your password as soon as possible to lock out the intruder. If you can’t access your account, you’ll need to call PayPal and follow their recovery procedure. Once you’re in, review your account information for transactions you didn’t authorize or changes to your personal information.
Reset your PayPal password as soon as you notice any suspicious activity. Choose a strong password that’s different from any other password you use — you can use a password manager to create and securely store unique passwords for all your accounts. If you used your old PayPal password for multiple accounts, you should create a new password for each of them, as they are now compromised, too.
Here’s how to reset your PayPal password:
On the login screen, tap Forgot password?
Type your account email address and tap Next.
Select a verification method and tap Next.
Complete the security check, then tap Continue.
Create a new strong password.
If you can’t access your account to reset your password, that’s likely because the hacker’s already changed your login credentials to stop you from getting back in. In this case, you’ll need to call PayPal on 1-888-221-1161 and explain the situation to their customer service team.
Once you’ve secured your PayPal account, check that the hacker hasn’t changed any of your account info or added a new email address. If your account information has been tampered with, restore the proper details to ensure full functionality and help prevent the hacker regaining access.
Then, review recent transactions for fraudulent activity — particularly any pending transactions that you may be able to cancel before they go through. Once you know what you’re dealing with, you can then start mitigating the aftermath of the hack.
If your PayPal account has been hacked, quick and decisive action is crucial to minimize the potential consequences. Follow the steps outlined below to report fraud to the relevant authorities, help prevent future breaches, and potentially recover lost funds.
You can report an unauthorized transaction to PayPal’s Resolution Center by selecting the transaction and following the instructions. You have 180 days to make a report. However, you should make the report as quickly as possible after you see an unknown payment.
Here’s how to report fraud using the PayPal app:
Tap Wallet > Activity > select the disputed payment > Report Problem > Continue.
Choose a reason for the report and follow the instructions.
On a web browser, go to the Resolution Center, click Report a problem, and choose the transaction to report. Then click I want to report unauthorized activity and follow the instructions to make your report.
You may be eligible for a refund if your account is hacked. Once you submit your report to the Resolution Center, PayPal will respond to you within 10 days.
If you’re worried about the fraudster opening new lines of credit in your name, freezing your credit can give you peace of mind and prevent further damage. To freeze your credit after your PayPal account is attacked, contact the three credit reporting bureaus directly:
Equifax: 1-888-298-0045
Experian: 1-888-397-3742
TransUnion: 1-888-909-8872
PayPal can only help to protect or recover money in your PayPal account or transactions made through PayPal, including PayPal Credit. If you have any bank accounts or cards linked to PayPal, contact the relevant financial institutions directly via their fraud department.
Explain that your PayPal account has been hacked, and request that linked cards be frozen and new PINs issued. Provide information about any unauthorized purchases and request that they be reversed, if possible.
To help the authorities tighten the screw on hackers and scammers, as well as get assistance recovering from identity theft, you should report the scam to:
The FTC’s report fraud website: The information you provide will be used to help identify and prevent future cases of fraud, but will not help to resolve your specific case.
The FTC’s identity theft website: Report instances of identity theft and you’ll receive a recovery plan to help get you back on track.
While PayPal has its own fraud detection tools, the best way to secure your PayPal account is to use a variety of preventative measures such as a strong password and two-factor authentication, as well as taking other proactive steps to help safeguard your account security.
Here are some best practice tips for securing your PayPal account:
Use a strong password: One of the simplest ways to protect your PayPal account is to use a complex and unique password — a mix of upper-case, lower-case, special characters, and numbers. Make it at least 15 characters.
Enable two-factor authentication (2FA): Two-factor authentication (2FA) means that you, or anyone trying to access your account, must use more than just a password to log in.
Don’t use PayPal on public Wi-Fi: Public Wi-Fi is often unsecured, so anyone who manages to intercept your traffic may be able to read your data. If you have to use public Wi-Fi, use a VPN to encrypt your connection.
Add security questions: You can add two log-in security questions to help keep hackers out of your account even if your other credentials are compromised.
Be vigilant against phishing scams: Phishing uses social engineering to trick you into clicking malicious links or giving away personal information. Stay informed about the latest scams, never share your password, and remember that PayPal will ask for your password only on their official website or app.
Even with PayPal’s strong security measures, hackers and malware can slip through the cracks. That’s why you need to protect your devices with powerful cybersecurity software like AVG AntiVirus FREE. Thanks to an unrivaled threat detection network, we help stop over 1.5 billion cyberattacks around the world every month. Let us help protect your devices, for free.
Privacy | Report vulnerability | Contact security | License agreements | Modern Slavery Statement | Cookies | Accessibility Statement | Do not sell my info | | All third party trademarks are the property of their respective owners.
