PayPal email phishing scam

May 2024

Customers are receiving emails claiming to be PayPal confirming charges on their accounts to cryptocurrency providers. The email does not come from a PayPal email address.

The email says call PayPal within 24 hours to dispute and stop the payment.

When customers call the number provided in the email, they're instructed to:

  • Give remote access to their device(s)
  • Log into their online banking
  • Share their two-factor authentication codes for Internet Banking password resets and payments
  • Transfer funds to third party accounts in New Zealand or overseas.

There may be other scenarios including different phone numbers and email addresses used.

If you receive an email like this, do not call the phone number on the email, do not click on any links and delete the message immediately.

This is a scam. Please don’t reply or follow any of their instructions.


  • If you think you’ve been the victim of a scam, please call us immediately on 0800 269 296 (or +64 4 470 3142 from overseas, charges may apply).
  • Stay vigilant when anyone contacts you out of the blue with unusual or urgent requests.
  • If you get unexpected or suspicious messages, never click on any links or download attachments.
  • Never provide your customer number, two-factor authentication code(s), Internet Banking login details, credit card details and personal banking information to anyone, or give remote access to your devices – hang up if you are asked for this information.
  • Two-factor authentication codes are an important layer of protection. Scammers will often say they need a two-factor authentication code for one thing e.g. to reverse a transaction. But if you check the actual two-factor authentication code text message from ANZ carefully, you will see it's for something completely different. Two-factor authentication codes are never required to reverse fraud transactions. Hang up immediately if you're asked for this information. 

The message may look like this: