Beat the Scam Scam checks, alerts, and consumer protection guides
Home / Guides / Email Scams / PayPal Account Limited Email Scam UK: How to Spot and Avoid It
Email Scams

PayPal Account Limited Email Scam UK: How to Spot and Avoid It

Criminals impersonate PayPal with urgent 'account limited' emails to steal your login details and bank information.

Published 2026-04-27 · Beat the Scam Editorial Team · 7 min read

PayPal account limited scamfake PayPal emailPayPal phishing email UKPayPal email scam warning signshow to verify PayPal email
Key rule: verify through an official route you opened yourself, not the link, number, app, or payment details supplied by the suspicious message.
On this page
  1. What is this scam?
  2. Warning signs to look for
  3. How this scam works step by step
  4. How to verify if it is genuine
  5. What to do if you have already interacted
  6. Reporting this scam in the UK

What is this scam?

The PayPal account limited scam is a phishing email that impersonates PayPal's official communications. Scammers send emails claiming your account has been limited due to suspicious activity, payment problems, or unverified details. They create urgency by threatening account closure or payment freezes, then direct you to click a link and enter your username, password, security questions, or bank details. The fraudsters use stolen PayPal branding, logos, and layout to make the email look genuine. Once you click the link, you're taken to a convincing fake PayPal website designed to harvest your credentials and financial information. This is a type of phishing scam specifically targeting PayPal users in the UK and worldwide. The goal is to gain access to your real PayPal account and connected bank accounts, then drain your funds or commit identity fraud.

Warning signs to look for

  • The email address doesn't match PayPal's official domain. Check if it comes from @paypal.com or @service.paypal.com; anything else is suspicious.
  • Urgent language demanding immediate action within hours, such as 'Confirm your account within 24 hours or it will be closed'.
  • Generic greetings like 'Dear Customer' or 'Dear User' instead of your actual name, which PayPal always uses in real communications.
  • Spelling and grammar errors in the email body, such as 'Verify you details' or 'Our system detect unusual activity'.
  • A suspicious link that doesn't match PayPal's website when you hover over it; real links start with https://www.paypal.com.
  • Requests to verify sensitive information like your full password, security answers, or complete card number—PayPal never asks this via email.
  • Poor image quality, misaligned logos, or outdated PayPal branding that looks slightly off compared to genuine emails.
  • A tone that's threatening or unusual, such as promising a reward for verifying details or mentioning legal action if you don't respond.

How this scam works step by step

The scam begins when you receive an email that appears to come from PayPal, with a subject line like 'Your PayPal Account Has Been Limited' or 'Urgent: Verify Your Account Now'. The email claims something is wrong with your account—perhaps unusual activity, a failed payment, or missing verification details. It emphasises urgency to prevent you from thinking critically, often saying your account will be frozen or closed if you don't act immediately. You're asked to click a link to 'resolve' the issue. When you click, you're taken to a fake PayPal login page that looks nearly identical to the real thing. You enter your email address and password to log in. The scammers then present a second form asking for additional verification details, such as your date of birth, mother's maiden name, security answers, debit card number, and sort code. Some fake pages even ask for your PIN. You submit this information, believing you're unlocking your account. Behind the scenes, the scammers now have your login credentials and financial details. They access your real PayPal account, reset the password, change the email address, and lock you out. They then make fraudulent purchases, transfer money to themselves, or use your details for further scams.

How to verify if it is genuine

If you receive an email claiming your PayPal account is limited, don't click any links in the email. Instead, open your web browser and navigate directly to paypal.com by typing it yourself—don't use email links. Log in using your own credentials (not anything the email prompted you with) and check your account status and messages directly. PayPal's genuine notifications appear in your Account Center under 'Messages' or 'Resolution Center', not just in email. Check PayPal's official Twitter account (@AskPayPal) or login page for any service announcements; real account limitations are always flagged there first. Call PayPal's UK customer service on 0203 214 8000 to confirm the email is legitimate. Look closely at the sender's email address in the email header—hover over the 'from' field to see the real domain. For more guidance on spotting fake emails, see our guide on identifying phishing emails. You can also verify the link's destination by hovering over it (don't click) and checking if it points to paypal.com. Real PayPal emails never ask you to confirm passwords, security answers, or full bank details via email or external links.

What to do if you have already interacted

If you've already clicked the link and entered your PayPal password, change your password immediately on the real PayPal website (not via email links). Then change the password for any email account linked to PayPal, as scammers often lock you out by changing the recovery email. If you entered credit card, debit card, or bank details, contact your bank immediately—tell them you've been phished and ask them to cancel your cards and watch for fraudulent transactions. Document the scam email by taking a screenshot of the full email including the sender's address and timestamp. Forward the phishing email to PayPal's official reporting address at spoof@paypal.com. Don't delete it yet. Log into your PayPal account (via the direct website) and check your transaction history, linked bank accounts, and security settings for any unauthorised changes. If your account has been accessed, file a dispute with PayPal for any fraudulent transactions. Monitor your bank accounts and credit file closely for the next 30 days for suspicious activity. Register yourself as a victim with Action Fraud (actionfraud.police.uk or 0300 123 2040) so there's an official record. Consider enabling two-factor authentication on your PayPal account if it isn't already active.

Reporting this scam in the UK

Report the phishing email to PayPal's dedicated spoof reporting address at spoof@paypal.com. Include the full email header information and screenshots of the fake page if you visited it. Report the scam to Action Fraud, the UK's national fraud reporting service, either online at actionfraud.police.uk or by calling 0300 123 2040. They track fraud patterns and may use your report to warn others. Forward the phishing email to the NCSC's Suspicious Email Reporting Service at report@phishing.gov.uk—they work to take down fake websites and phishing infrastructure. If you received the scam via SMS or text message, forward it to 7726 (SPAM). Contact Citizens Advice's consumer helpline on 0808 223 1133 for guidance on next steps if you've lost money or had your identity compromised. Report the fake website domain to the Internet Watch Foundation at iwf.org.uk if you have the URL. Your bank should also be informed immediately if you shared card or account details. Keep records of all communications with PayPal, your bank, and authorities, as these may be needed for any dispute resolution or fraud investigation.

Frequently asked questions

Is PayPal a legitimate company, or should I avoid it entirely?

PayPal is a legitimate and regulated payment service used safely by millions of people worldwide, including in the UK. The scam is not PayPal itself—it's criminals pretending to be PayPal in fake emails. You can continue using PayPal safely by never clicking email links, always logging in directly via paypal.com, and staying alert to phishing attempts.

What should I do if I've already sent money after clicking the fake PayPal email?

Contact your bank or payment provider immediately and report the transaction as fraudulent. If you sent money via PayPal Goods & Services or Friends & Family, file a dispute or claim in your PayPal resolution centre. Report the scam to Action Fraud and PayPal's spoof team. Your bank may be able to recall or freeze the transfer if it was recent. Do not send more money or engage further with any follow-up communications.

How can I tell if a PayPal email about account limitations is real?

Real PayPal account limitation notifications appear in your PayPal account messages when you log in directly to paypal.com, not just in email. Always log in directly to check your account status rather than clicking email links. Real PayPal emails address you by name, come from official @paypal.com addresses, and never ask for your password or security details. If you're unsure, call PayPal's UK support team on 0203 214 8000 before clicking anything.

How do I report a PayPal phishing email in the UK?

Forward the email to PayPal's spoof reporting team at spoof@paypal.com with full details. Report it to Action Fraud online at actionfraud.police.uk or call 0300 123 2040. Send it to the NCSC Suspicious Email Reporting Service at report@phishing.gov.uk. These organisations use your report to take action against the scammers and protect others.

Think you’ve spotted a scam? Use the AI scam checker for an instant analysis, or report it to Action Fraud.