How so? It's as trivial as creating a new email account to create a new Paypal account, and even if they require credit card only Paypal accounts that can be easily fraudulent too. Fraud via paypal is just as rife as fraud without.
The only point at which an address can be used to prevent fraud, is between the credit card charging process and your bank. If it's paypal charging your credit card, they're the only ones who need your address.
That isn't true -- you can run a variety of heuristics to catch N% of fraud (and X% of legitimate payments) prior to submitting them to the bank, getting them accepted, and then having your merchant account ganked for high chargeback rates.
For example, an annoying system which will decrease chargebacks is "If your IP address goes to a country other than your billing address, shoot first and ask questions later." It bites me all the time, but there are sensible business reasons for it.
