8 Ways to Protect Your Business from Phishing Scams

Square
Editorial Team

Email phishing scams are an attempt to infiltrate your system and acquire your usernames, passwords, and sometimes even credit card details. The unfortunate news is that they’re pretty common — and the emails often look real. The good news is that there are some steps you can take to protect your business against them.

Here’s what to do:

1. Know the red flags

Emails with a bunch of typos or grammatical mistakes, or that come from a weird-looking address, should raise some suspicion. Scare tactics and “better act now” types of messaging are also a red flag. As a general rule, don’t open or click links in emails with these characteristics.

2. Think twice before clicking or downloading

If an email is coming from a source you don’t recognize, it’s best not to interact with anything it contains. That means no clicking links, downloading files, or opening attachments. Generally, you should only open email attachments if you are expecting them and know what information they will contain.

3. Guard your Social Security number and your financial information

You should never give out your full Social Security number (SSN) or bank details over email. Be skeptical any time you’re asked to do this, as reputable sources will have you go through a secure portal. If you give your SSN over the phone, make sure you’re the one who initiated the call.

4. Verify all websites

Before you enter your Social Security number or bank information into any website form, make sure it’s a trusted, verified site. When in doubt about a Square link, reach out to us for confirmation that the link is secure, or open a new browser and go directly to www.squareup.com/login.

5. Use different passwords for different accounts

Strong passwords are key. But as iron-clad as your logins may be, you shouldn’t be using the same one for all email, bank, business, and other accounts, and it’s a good habit to change your passwords every so often.

6. Enable two-factor authentication

Two-factor authentication is a security process that requires two methods of verification to log in to your account. Many web services and apps — like your Square Dashboard — will periodically send a text message with an additional code that you need to log in. To protect yourself against unwanted activity on your accounts, make sure you’re using two-factor authentication whenever available.

Get Started with Square Point of Sale.

Point-of-sale software designed to grow with you.

7. Choose your email provider wisely

Some email services are a lot better at flagging phishing scams than others. Make sure the provider you’re using offers two-factor authentication, sophisticated spam and phishing filters, and a mechanism to alert you if phishing or spam is suspected.

8. If something seems phishy

If you suspect you may have been the target of a phishing scam, check your email logs to see if there have been any strange logins to your account and log out all active sessions. Go through your bank account statements to make sure there is no odd activity and all your transfers are going to the right place. Then change all your passwords and enable two-factor authentication. If you have specific concerns about your Square account, contact us for further assistance.

The Square Editorial Team is dedicated to telling stories of business, for business owners. Our team comes from a variety of backgrounds and share a passion for providing information that helps businesses to start, run, and grow. The team is based in San Francisco, but has collaborators all over the country.