Scam alert: watch for fake PayPal invoices

Three UB employees review something on a laptop.

Published April 29, 2022

If you regularly handle invoices as part of your job at the University at Buffalo, this one is especially dangerous. Fraudsters are sending fake invoices via PayPal… and some are paying up without thinking twice.

These scams most commonly appear as email messages informing you that you have received an invoice via PayPal. If you click the link and pay using your PayPal account, your money will be gone instantly, transferred to the scammer who sent the invoice.

In general, be skeptical when receiving an invoice that can’t be tied to a specific purchase or work order. You can contact the entity the invoice is purportedly from (look for their contact info online; don’t contact the person who sent the invoice directly) to confirm its legitimacy.

How does the scam work?


This scam hinges on the fact that these fake invoices aren’t technically fake at all: they are real PayPal invoices, created by fraudsters to mimic an invoice from a real entity like GoDaddy or the World Health Organization (WHO).

The idea is that, because the invoice appears to come from a well known and reputable organization, you may believe the invoice is legitimate and pay up without thinking. Because the invoices are real PayPal invoices (albeit created fraudulently), once you click “Pay” your money will be automatically transferred via your PayPal account to the fraudster.

I fell for this scam! What do I do?

While it may not be possible to retrieve your money, the best chance is to file a dispute with PayPal for fraud:

  1. Go to PayPal’s Resolution Center at
  2. Click Report a Problem
  3. Scroll through your list of transactions until you come across the fraudulent invoice. Click the white bubble next to the listing and click Continue in the bottom-right corner
  4. Follow the onscreen steps to complete your dispute

How to spot a scam

No matter what form they take, scams often have common warning signs you can watch for, including:

Compromised account? Received a phishing email? Let us know!

Preventing fraud and maintaining a safe online environment for work and learning at UB is among UBIT’s top priorities. But we can’t do it alone.

If you think your UBIT account has been compromised, contact the UBIT Help Center to report it right away; we can help you reclaim your account and prevent the compromise from spreading.

If you believe your computer has viruses or malware, we can help with that too. Students should contact the UB Tech Squad, while employees with UB-owned devices should contact their departmental support staff.

To report phishing attempts, follow these steps on the UBIT website.