• About
    • History of Dallas SEO
  • Contact
  • Topics
    • Bing
    • Blogging
    • Branding
    • Domain Names
    • Google
    • Internet Marketing
    • Link Building
    • Local Search
    • Marketing
    • Public Relations
    • Reputation Management
    • Search Engine Marketing
    • Search Engine Optimization
    • Search Engines
    • Social Media
  • Tech
  • Advertise
  • Services
    • Search Engine Optimization
    • Ongoing SEO Services
    • SEO Expert Witness
    • Google Penalty Recovery
    • Mini SEO Audit
    • Link Audit
    • Keyword Research
    • Combine Websites SEO Services
    • PPC Management
    • Online Reputation Management
    • Domain Name Consultant
    • Domain Names & Expired Domains
    • Domain Name Appraisal

Bill Hartzer

GoDaddy Airo: Register your .com domain name today!
Home » Marketing » Fraudsters Are Exploiting PayPal Commerce: Here’s What Online Sellers Need to Know

Fraudsters Are Exploiting PayPal Commerce: Here’s What Online Sellers Need to Know

Posted on June 4, 2025 Written by Bill Hartzer

fraudster with credit card and paypal

A growing number of ecommerce sellers are reporting being targeted by a sophisticated and frustrating form of fraud abuse via PayPal. In a recent Hacker News thread, a startup founder described being bombarded with a stream of low-value purchases—each disputed within hours—made through PayPal’s Multiparty APIs on their digital marketplace. The attacks appear automated, intentional, and potentially damaging, especially for small businesses already operating on thin margins.

And they’re not alone.

This fraud pattern, commonly known as credential stuffing or card testing, is becoming more prevalent across payment platforms like PayPal and Stripe. It involves cybercriminals using stolen credit card data to make small test transactions in order to identify which credentials still work. Once validated, the working card details can be resold or used for larger fraudulent purchases elsewhere.

Jump To

Toggle
  • How the Attack Works
  • Why PayPal May Not Be Helping Enough
  • The Broader Ecommerce Problem
  • Practical Steps for Retailers
  • A Payment Platform Gap
  • Related Posts

How the Attack Works

According to the post, the attacker:

  • Uses email addresses with no online footprint, typically from the same few domains.
  • Initiates payments using unverified PayPal accounts.
  • Purchases low-cost digital items with slight variations to avoid detection.
  • Issues disputes or chargebacks within hours.
  • Changes IP addresses between each transaction to evade basic fraud filters.

The frequency and subtlety of the attacks suggest browser automation—likely using headless browsers that simulate human activity—and some knowledge of how to stay under the radar of anti-fraud tools.

Notably, these aren’t API-driven attacks. They happen through the seller’s actual payment form in a browser, making detection more difficult and bypassing common API-level protection.

Why PayPal May Not Be Helping Enough

Multiple merchants chimed in with similar stories of fraud and little help from PayPal. Because of how PayPal’s Multiparty API is structured, support agents reportedly fail to recognize that a platform operator is even connected to a transaction unless each individual seller reports it independently. This fragmented support model leads to weeks of canned responses, unresolved cases, and growing losses.

For a small startup or niche seller, the cost of chargebacks, the risk of a payment account freeze, or even reputation damage with payment providers can be devastating.

The Broader Ecommerce Problem

This isn’t just a PayPal issue. Other payment processors like Stripe have been targeted by similar tactics, especially when landing pages or checkout tools are misconfigured or lack protective measures.

As one commenter noted, the problem can escalate quickly: “It got to the point where we were almost shut off by a card company.”

Practical Steps for Retailers

To protect against this wave of dispute spam and fraud, ecommerce operators—especially those selling digital goods—should consider:

  • Adding CAPTCHAs or email validation APIs like EmailListVerify to their signup and checkout flows.
  • Monitoring purchase behavior in real time to flag IP churn, unverified accounts, or rapid low-value purchases.
  • Proxying third-party landing pages or checkout tools to insert custom fraud protection measures.
  • Blocking known malicious ASNs and data center IPs often used by botnets.
  • Virtualizing infrastructure and locking down access to prevent deeper security breaches.

A Payment Platform Gap

The takeaway here is twofold. First, there’s a growing class of ecommerce fraud that blends technical automation with payment platform blind spots. Second, platforms like PayPal are not always prepared to handle these attacks at scale—especially when disputes come through indirect relationships like marketplaces.

Until that changes, the burden of protection is falling squarely on retailers themselves.

If you’re selling online—especially digital goods—it’s no longer a question of if your site will be tested. It’s when. And whether you’re ready when it happens.

Related Posts

  • Your Brand’s On the Ballot: Should You Publicly Take Political or Social Stances?
  • Study: Seeing Every Angle Is Saving Online Retail Millions in Returns
  • Way Rewrites Experiential Marketing With AI, Loyalty, and Brand Partnerships
  • 2026 MarketFully Report: Multilingual Content Spending Is Exploding
  • Urgent Trademark Filing Emails Are Back — And This One Is a Scam

Filed Under: Marketing

About Bill Hartzer

Bill Hartzer is the CEO of Hartzer Consulting and founder of DNAccess, a domain name protection and recovery service. A recognized authority in digital marketing and domain name strategy, Bill is frequently called upon as an Expert Witness in internet-related legal cases. He's been sharing his insights, expertise, and research here on BillHartzer.com for over two decades.

Bill Hartzer on Search, Marketing, Tech, and Domains.

Hartzer Domains

Bare-Metal Servers by HostDime

DFWSEM logo

 

 

Brand Ambassador for:

Majestic logo

Oncrawl logo

Industry Friends

  • David Daniels
  • WTFSEO
  • SEO By the Sea
  • Jeff Lenney
  • Jeff Gabriel
  • Scott Hendison
  • Dixon Jones
  • Brian Hartzer
  • Navah Hopkins
  • DNAccess
  • SEO Dallas
  • Confirmed Stolen
  • Hartzer on IT.com
  • Jason Olson

Connect With Bill Hartzer

  • Bill Hartzer on X
  • Bill Hartzer on BlueSky
  • Bill Hartzer on Instagram
  • Hartzer Consulting on Facebook
  • Bill Hartzer on Facebook
  • Bill Hartzer on YouTube

Recent Posts

  • Which AI Model Should You Use? A Practical Guide by Task
  • Legal Tech Media Group Bets Big on AEO
  • The Domain Name Gap: What GoDaddy’s 2026 Most Entrepreneurial Cities List Reveals About Digital Presence in America’s Growth Markets
  • Remembering Bruce Clay: The Father of SEO and a Friend Who Changed an Industry
  • Former Apple Executive Launches PersonaShield to Fight Deepfakes
  • AudioEye’s 2026 Report: AI Search Is Routing Users to the Worst Pages on Your Website
  • Bluehost Study: 87% of Small Businesses Use AI — Only 20% Know What They’re Doing
  • New AI Study Finds Early Adopters Are Winning Raises, Promotions, and Extra Income While Others Fall Behind
  • PropellerAds Launches Paid Social Traffic
  • New AI Tool Kinetik Claims It Can Predict Social Media Growth Before It Happens
Note: All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only, and are mentioned only to help my readers. All other trademarks cited herein are the property of their respective owners. Use of these names, logos, and brands does not imply endorsement.

  Hartzer Consulting

Website, Content, and Marketing by Hartzer Consulting, LLC.
Disclaimer - Privacy Policy - Terms of Use - AI Instructions

Copyright © 2026 ·