Recognise and Report Phishing Scams
What is phishing?
Phishing is an attempt by a fraudster to collect personal and/or financial information over email, phone or text message. These fraudsters typically acquire this information by verbally requesting it over the phone, by posting links or false phone numbers on social media sites, or by sending unsolicited emails or texts messages, so that direct recipients enter personal information into fake websites or phone systems posing as real ones.
Learn more about protecting yourself from phishing scams on Square’s blog.
Protect sensitive information
Square will never ask you to provide sensitive information such as your username, password, social security number, full bank account details or payment card information over email, phone or text message.
If you believe you called a fraudulent number for Square or if you receive a suspicious phone call, do not provide any personal or account information and hang up immediately.
If you receive a suspicious email regarding Square, don’t reply to the message, give out any information, click on any links or open any attachments. Please forward it to firstname.lastname@example.org to report the incident. Do not include any other information in the email you forward. The appropriate team will investigate and take action if needed.
If you think your information has been compromised due to a phishing scam, please change your email and Square account passwords immediately and report the incident through official channels.
Verify the phone number
To contact support, visit Square’s contact page and sign in to your account.
Verify the URL
Always be sure that you’re on a secure site before entering your Square login information. To do so, check that the web address in your browser is https://squareup.com/login and that the locked Square, Inc. icon has populated next to this web address.
It is common for phishing emails to contain links that direct recipients to a non-secure page where you may be prompted to enter your username and password (and sometimes additional sensitive information).