PayPal Community

One other observation is that they seem to want you to call their scam numbers as a reaction to receiving these requests.  They include a note with the payment request: e.g. "..If you do not reach out, we will proceed with the transaction" (oh no!!!) e.g. "Note from Partyka & Sons Farms, LLC: Don’t recognize the seller? Please contact us immediately at [Removed. Phone #s not permitted in a post] If you do not reach out, we will proceed with the transaction."   Typical scammer approach of making a recipient think it's urgent/high stakes.   So that is likely the ultimate goal... to get you on the line with a scammer who'll then try to get your PayPal login username/password, or some other form of off platform payment / banking details     ... View more

I'm also receiving these bogus Money Request emails from PayPal.  The email messages pass spam filtering it seems because they do seem to be coming from PayPal based on Domain Key validation.  So I can't just block the sender, as I'd likely end up marking marking legitimate "service at PayPal dot com" (not permitted to include the actual address in this post) email messages as spam.   One thing I've also noticed is that the recipient of the email is always an unrelated onmicrosoft.com email address: e.g. "some-unrelated-name at ykbzXXX.onmicrosoft.com"   So it appears to me that we have a problem where scammers are signing up for PayPal accounts, or taking over existing accounts, and are then using PayPal to send out bogus requests for payment to an onmicrosoft.com email address that they've somehow pre-configured to route to my personal email address.     I've not figured out why they'd go to this trouble instead of directing it to my personal email,  but perhaps it means PayPal are unable to detect/see that the request is being sent to an existing PayPal user/account, and so treat it differently (just use email, don't try to record/route the request to my actual PayPal account?)   It is super annoying, and I wonder how many less savvy/scam aware people are falling for it.  This is something my in-laws/parents would definitely think was real because the email is actually being sent FROM paypal.com (it passes the DK checks, etc.).   I think PayPal need to check to see which account holders have been directing Payment Requests to onmicrosoft.com domain recipients, and flag them as potential account take over, or malicious, accounts for investigation.   My only course of action right now is to set up a mail rule that marks any email where onmicrosoft.com is in the To line as spam.  This seems to be working for me, but most people who are receiving these cold requests for payment from PayPal.com won't realize they are not bogus.   Actually, overall, I think PayPal should take a closer look at how to better police/govern an account users ability to send out requests for payment via email (or SMS if that's an option).  It seems to me it has a lot of potential for misuse.     ... View more