Alerts and FAQs Regarding Phishing
We are aware that individuals attempting to perpetuate fraud, via the Internet and otherwise, may be using the Global Payments’ name or a Global Payments’ product name, (Global Transport and logo) to deceive consumers.
Please take caution. GLOBAL PAYMENTS INC. HEREBY DISCLAIMS LIABILITY FOR ANY INFORMATION, MATERIALS, PRODUCTS, OR SERVICES POSTED OR OFFERED AT UNAFFILIATED THIRD PARTY SITES. Global Payments is not responsible for the content on any such third party Web site and regards the unauthorized use of its trademarks, logos, and service marks as a violation of its intellectual property rights under federal law.
If you feel you have been a victim of fraud, you may wish to visit the government’s Internet Crime Complaint Center at www.ic3.gov to file a complaint.
To report the misuse of Global Payments Inc. trademark or logo, please email email@example.com
Phishing is a type of online identity theft. It uses email and fraudulent websites designed to steal your personal information including credit card numbers, passwords and account data. Perpetrators of phishing scams send millions of fraudulent email messages with links or attachments that appear to come from websites you trust such as your bank or credit card company. The phishing emails request that you provide personal information in order to open new accounts in your name, obtain official documents using your identity or even embezzle funds from your accounts.
What should I do if I receive an email phishing scam?
If you think you've received a phishing scam, immediately delete the email message and do not click any links in the message or open any attachments.
What should I do if I receive a possible phishing scam that says it’s from Global Payments?
Attach the suspicious email message to a new email message and send it to the Global Payments at firstname.lastname@example.org. We will need the original phishing email (not just a forwarded copy) to be able to analyze the message. Delete the email message and do not click any links in the message or open any attachments. Global Payments will never send an email asking you to update your login credentials or log into our website using a link or an attachment in an email.
What should I do if I've responded to a phishing scam?
To minimize any damage after responding to a phishing scam with personal or financial information, immediately change the passwords or PINs for all the online accounts that could be compromised.
Can an email message that contains a company's official logo be a phishing scam?
Yes. Phishing scams often use the official logos of the companies they're trying replicate. Do not use website links in suspicious emails - type the web addresses directly into your browser or use your personal bookmarks.
Can I tell if an e-mail message is a phishing scam just by reading it?
Not necessarily. Phishing email messages often include official-looking logos from real organizations and other identifying information taken directly from legitimate websites. They might also contain threatening phrases such as "Your account will be suspended if..." or requests for action like "Log in now using this link to update or reset your password."
How do I avoid phishing scams?
The number of sophisticated phishing scams sent to consumers is continuing to increase dramatically. While online banking and ecommerce are very safe, as a general rule you should be careful about giving out your personal financial information over the Internet.
The Anti-Phishing Working Group (APWG, www.antiphising.org) has compiled a list of recommendations to avoid becoming a victim of these scams.
- Be suspicious of any email with urgent requests for personal financial information. Phishers typically include upsetting and false statements in their emails to get people to react immediately. They also ask for information such as usernames, passwords, credit card numbers, social security numbers, date of birth, etc.
- Don't use the links or attachments in an email, instant message or chat to access any Web page. If you suspect the message might not be authentic call the company or log onto the website directly by typing it into your browser.
- Avoid filling out forms in email messages that ask for personal financial information. You should only communicate information such as credit card numbers or account information via a secure website or the telephone.
- Always ensure that you're using a secure website when submitting credit card or other sensitive information via your Web browser.
Phishers are now able to:
- Replicate the "https://" normally seen on a secure Web server and a legitimate-looking address. Make it a habit to enter the address of any banking, shopping, auction or financial transaction website yourself and not depend on displayed links.
- Forge the yellow lock seen near the bottom of the screen on a secure site. The lock has been considered a "safe" indicator and when double-clicked, displays the security certificate for the site. Do not continue if you receive warning displays that the address of the site you have displayed does NOT match the certificate.
How can I identify a fraudulent email?
- Look closely at the sender’s email address. Although the "From" email can closely resemble a valid email address, there are often unusual characters or constructs that can help confirm that the address is fraudulent.
- Check email images and graphics. Images used in fraudulent emails are often broken (i.e., not present), out of place or incorrect. These problems typically occur when a fraudulent message attempts to reference an image from a legitimate entity's website and fails.
- Pay attention to message format and text. Message length, grammar, word choice and sentence structure play a part in the success of a phishing email. Take note if the message is brief and lacks personalization.
- Look for consequences resulting from a lack of action on your part. Does it demand your attention and indicate that there will be consequences if you do not take action? If so, this could indicate that the email is fraudulent.
- Be wary of embedded hyperlinks or attachments. Hovering or moving your computer mouse pointer over an embedded hyperlink should reveal the associated Web URL. Always open a browser and type in the URL directly.
Where do I report Phishing scams?
Report phishing emails to the following groups and include the entire original email with its original header information intact:
- Use the reporting form from www.antiphishing.org or forward the email to email@example.com
- Forward the email to the Federal Trade Commission at firstname.lastname@example.org
- Notify The Internet Crime Complaint Center of the FBI by filing a complaint on their website: www.ic3.gov/