Recognising suspicious emails, text messages and phone calls
Phishing emails, smishing text messages and vishing phone calls often use a fake email address or phone number and try to convince you to click a link and give out information. Phishing communications are designed to look genuine, and their goal is to take your private, secure data such as account numbers, passwords and personal info.
If you receive an email or message and you’re not sure it’s really from Zettle, check if it follows any of these common phishing patterns:
- Uses a greeting with generic fillers like “Dear user” or “Dear [your email address]”
Emails from Zettle usually address you by your name or business name. If we don’t have your first name in our system, we may use a greeting like “Hi,” but we won't replace a name with something as impersonal as “user” or “Zettle merchant.”
- Asks you to click on links that direct you to a fake website
A link could be written to look like a proper Zettle URL – e.g., www.zettle.com/specials. If you’re on a computer, move your mouse over the link and you will see the actual destination. If you aren’t sure, don’t click on the link.
- The email or message has unfamiliar attachments
Only open an attachment if you’re sure it’s trustworthy. If you have an open case with our support team, you might receive communications with common attachment types such as PDFs, Word and Excel files, or images like JPEGs and PNGs. But we won't add unexpected attachments in emails that aren’t related to support cases.
- Gives a false sense of urgency
Phishing emails and messages can sound alarming, with urgent warnings designed to scare you into missing signs that it’s fake. Sometimes we do need to send out legitimate information and important news, and in those cases, we may send a message called “Important update” or similar. If you have any doubts, you can contact our support team about your account. You can also forward a suspicious message to us, and we’ll investigate.
How to report suspicious communication
Emails and Websites
If you receive a suspicious email or website link:
- Do not click on any links in the email or on the website, and don’t reply or download any attachments.
- Do not enter any information.
- Please forward the email and/or website URL to phishing@zettle.com. Don’t change the subject line and please don’t forward the message as an attachment.
- Delete the email from your inbox.
SMS and text messages
If you receive a text message with a link asking you to visit a website:
- Do not click on any links in the message.
- Take a screenshot of the message (be sure it shows the sender’s full telephone number).
- Please email the screenshot to spam@zettle.com.
Telephone Call
If you receive a suspicious telephone call or voicemail:
- Take a screenshot of your recent calls list to show the full telephone number.
- Email the screenshot to spam@zettle.com. In your email, please include the details of the call and what the caller stated or asked from you.
Tips for safeguarding your account
View our cyber security checklist here for more advice about protecting your Zettle account and information from fraud. If you ever notice any unexpected activity in your account, please contact our support team.
If you would like to learn more about recognising and preventing fraudulent activity, please visit the in-depth article about phishing, smishing and vishing here.