Fake Venmo, Cash App, or Zelle money request or pending payment scam — fraudulent email impersonating Venmo, Cash App, Zelle, or PayPal Friends and Family claiming the recipient has a pending payment, money transfer, or payment request waiting — directing them to click a link to accept, confirm account details, or verify their identity to receive the funds — a social engineering and credential-harvesting attack that exploits the increasing prevalence of peer-to-peer payment apps to deceive recipients into clicking phishing links or providing account credentials

Phishing and social engineering emails impersonating Venmo, Cash App, Zelle, or PayPal Friends and Family — claiming the recipient has a pending payment, money transfer, or payment request waiting — then directing them to click a link to accept the payment, confirm account details, or verify their identity to receive the funds. P2P payment app phishing is a rapidly growing category exploiting the mainstream adoption of peer-to-peer money transfers. Key facts: (1) P2P payment scams are among the fastest-growing fraud categories by dollar volume — the FTC reported over $1.2 billion in fraud losses linked to P2P payment apps in a single year, with Zelle, Venmo, and Cash App collectively processing $1 trillion+ in annual transactions; (2) The "pending payment" and "someone sent you money" lures are effective because they create urgency and exploit the desire for money — unlike most phishing lures based on fear of loss, payment lures promise gain, which bypasses a different set of defenses; (3) Zelle fraud is particularly insidious because banks historically did not reimburse Zelle scam losses (unlike credit card fraud) — new CFPB guidance in 2024 pushed banks toward more reimbursement, but victims still face significant friction; (4) Fake "Cash App Friday" promotions (impersonating $CASHTAG promotional giveaways) and fake "Venmo support" credential-harvesting portals are among the most commonly reported social media + email phishing combination attacks targeting younger users; (5) Legitimate Venmo, Cash App, and Zelle payment notifications never require clicking external links to "accept" a payment — all P2P payment acceptance happens within the authenticated app, not through email links. Warning signs: non-official P2P app domain (not venmo.com, cash.app, or zellepay.com), pending payment with external link to "receive," request for account credentials or debit card details via email.