Email Security: Protect yourself from scammers

protect-yourself-from-scammers-blog

As a Level 1 PCI-DSS (Payment Card Industry – Data Security Standards) compliant company, we know a thing or two about the importance of account safety and maintaining the security of personal information. Although, most people are diligent in protecting their online activities & stored information, scammers are becoming more elaborate in their attempts to obtain any or all of your personal information.

Phishing or phishing scams are the attempts made by scammers to obtain your sensitive information such as usernames, passwords, credit card details or bank account numbers.

Recently, eWAY was informed of a fake email receipt circulating to merchants asking them to download an invoice attachment. These emails come from a domains not registered to the eWAY company, variations of @estoreway.info, @sstoreway.info, @estore.info. If you have received an email like this, we advise as a first step to NOT open any attachments and immediately delete the email.

eway payment scam
Source: My Online Security UK

Whilst the topic of personal information security is widely publicised, in light of this recent scam, we thought it beneficial to provide different ways you can protect yourself from phishing scams and look at how to spot a true email from eWAY.

SAFETY FIRST

At a minimum, you should be doing your best to avoid spam and malware activities. Here are some safety measures you can adopt to protect yourself:

  1. Change your password often.
  2. Use strong passwords which include a mix of capital and lowercase letters, numbers and symbols.
  3. Use different passwords for each of your accounts e.g. don’t have the same passwords for your bank account and your email account.
  4. Be cautious when sending any sensitive information via email, and be sure to never send credit card details via email.
  5. Ensure you have anti-virus software installed on your local computer and update it regularly.
  6. Be cautious of emails that require you to download macros before downloading Word or Excel attachments.
  7. If you receive an attachment from a company domain that you do not recognise, delete the email immediately.
  8. Never click on links in an email to connect to a website, unless you are 100% sure the link is authentic. You can hover your mouse over the link to view the URL in the bottom of your browser before you click on it.

You can visit ScamWatch, the Australian Government website which provides information on a range of different online and offline scams and how to avoid them.

SPOT PHISHING

Below are elements of phishing emails that can be used to spot a scam:

  1. Threats to shut your account down and require you to click on links or download attachments to reinstate.
  2. Requests for personal information such as passwords or account details.
  3. The Email is not personalised and may be addressed Dear Sir/Madam or to the wrong name.
  4. The Sender’s email address may contain a variation of the company they claim to be e.g. estoreway.info.
  5. Poor writing, bad grammar or bad paragraphing.
  6. Website links within the email are not directed to the correct domain.

WHAT TO DO IF YOU THINK YOU’VE BEEN SCAMMED?

If you think that you may have provided any of your personal details to a scammer, ScamWatch recommends that you contact your bank, financial institution or any other relevant agency or service immediately.

You can also contact iDcare, a free government-funded service which works with you on developing a specific response plan to your situation and supporting you through the process. Visit iDcare or call 1300 IDCARE (432273).

EMAILS FROM EWAY

Finally, here’s some ways you can ensure an email is truly from eWAY:

  1. Our emails are only ever sent from email domains that end in @eway.com.au, @eway.io, @ewaypayments.com, and @eway.co.nz
  2. You cannot “buy” items from us, we are not a retail store – you are charged per transaction on the business bank account that you have previously provided, according to the terms you have agreed upon.
  3. We would never ask you to provide any login details to your eWAY or bank account.
  4. None of eWAYs emails would contain bold, red font – this should be a flag that the email is not from us.
  5. You can login to MYeWAY to view your billing and transaction history, if you ever need to check that the details within an email are true.

If you are ever in doubt, regardless of whether the email is from eWAY or another service you deal with, the best bet is to contact the company directly and check details of your account with them. Most companies should be able to provide you with an email send history, which you can use to confirm the integrity of the email you’ve received.

eWAY is recognised within the payments industry as a market leader in e-payments solutions, technical innovation, infrastructure and best-in-class customer support. To get started today with Australia and New Zealand’s leading all-in-one payments solution, call us on 1800 10 65 65, enquire online or sign-up for free today.