Security News > 2022 > November > Black Friday and retail season – watch out for PayPal “money request” scams
The bad thing about this scam is that it's astonishingly easy for criminals to set up, and it carefully avoids sending spoofed emails or tricking you to visit bogus websites, because the crooks use a PayPal service to generate their initial contact via official PayPal servers.
Email scammers therefore often go out of their way to ensure that their first contact with potential victims involves messages that really do come from genuine sites or online services, and that link to servers that really are run by those same legitimate sites.
The scammer creates a PayPal account and uses PayPal's "Money request" service to send you an official PayPal email asking you to send them some funds.
The scammer adds a contact phone number into the message, apparently offering an easy way to cancel the payment request if you think it's scam.
The crooks have simply found a way to abuse PayPal's free Money Request service to generate emails that really do come from PayPal, that include real PayPal links, and that use the message field in the request to give you an official-looking way to contact them directly.
PayPal money requests are exactly what they say: a way for friends, family, someone, anyone, to invite you to send them money in a reasonably secure way.