Recognise and Report Phishing Scams

If you receive a suspicious email regarding Square, forward it to spoof@squareup.com to report the incident. Please do not include any other information in the email you forward. The appropriate team will investigate and take action if needed.

What is Phishing?

Phishing is an attempt by a fraudulent actor to collect personal and/or financial information over email, phone or text message. These fraudulent actors typically acquire this information by verbally requesting it over the phone or by sending unsolicited emails or text messages that direct recipients to enter personal information into fake websites posing as real ones.

Learn more about protecting yourself from phishing scams on Square’s blog.

Protect Sensitive Information

Keep in mind that Square will never ask you to send sensitive information such as your username, password, bank account details or payment card information over email, phone or text message.

If you receive a suspicious email, don’t reply to the message, give out any personal or account information, click on any links, or open any attachments. If you believe that you have fallen victim to a phishing scam, please change your email and Square account passwords immediately and report the incident.

Verify the URL

It is common for phishing emails to contain links that direct recipients to a non-secure page where you may be prompted to enter your username and password (and sometimes additional sensitive information). Always be sure that you’re on a secure site before entering your Square login information. To do so, check that the web address in your browser is https://squareup.com/login and that the locked Square, Inc. icon has populated next to this web address.

safe square browser bar