Recognize and Report Phishing Scams
What is phishing?
Phishing is an attempt by a fraudster to collect personal and/or financial information over email, phone, or via text message. These fraudsters typically get this information by verbally requesting it over the phone, by posting links or false phone numbers on social media sites, or by sending unsolicited emails or texts messages that direct recipients to enter personal information into fake websites or phone systems posing as real ones.
Learn more about protecting yourself from phishing scams on Square’s blog.
Protect sensitive information
Square will never ask you to provide sensitive information such as your username, password, social security number, full bank account details, or payment card information over email, phone, or text message.
If you believe you called a fraudulent number for Square or if you receive a suspicious phone call, do not provide any personal or account information, and hang up immediately.
If you receive a suspicious email regarding Square, don’t reply to the message, select any links, or open any attachments. Please forward it to firstname.lastname@example.org to report the incident. Do not include any other information in the email you forward. The appropriate team will investigate and take action if needed.
If you think your information has been compromised due to a phishing scam, please change your email and Square account passwords immediately and report the incident through official channels.
Verify the phone number
Square always requires your customer code for phone support. To contact support, visit Square’s contact page and sign in to your account. Keep in mind, if our phone line is unavailable or you are contacting us outside of our business hours, you will not see the option to call, but are able to request a callback or send us an email.
If a third party provides you with contact information for Square, please verify the information through an official Square channel before calling.
Verify the URL
Always be sure that you’re on a secure site before entering your Square login information. To do so, check that the web address in your browser is “https://squareup.com/login” and that the Square, Inc. padlock icon appears next to this web address.
It is common for phishing emails to contain links that direct recipients to a non-secure page where you may be prompted to enter your username and password (and sometimes additional sensitive information).