Watch out for scam emails, appearing to come from Squarespace
There has been a recent wave of phishing (scam) emails being received by clients that appear to be coming from Squarespace.
It is also more difficult than it has ever been to separate suspicious emails from authentic reminders, our recommendation is to stay alert. Here are some email security tips to protect you from suspicious emails.
As a first step check the email address and if it doesn’t come from @pixelhaze.co.uk or @squarespace.com, delete immediately. NEVER click on a link within an email that appears to be suspicious.
Finally, please do not forward the email to us, instead report it to the Squarespace Security team by forwarding the entire email to firstname.lastname@example.org.
Here are the list of authentic Squarespace email addresses:
email@example.com or firstname.lastname@example.org (Email notifications from your site)
email@example.com (Form Block submissions from your site)
firstname.lastname@example.org (Squarespace Domains)
email@example.com (Our Research team)
firstname.lastname@example.org (Squarespace 5 billing notifications)
Even if the the email passes quick test shown above, there is still a chance it is a scam email. Fortunately, Squarespace have also recently provided us with some useful steps to detect phishing scam:
How to spot a phishing scam
While scammers change their tactics frequently, look for these classic signs of a phishing or spoof message:
Requests for your bank account, username, password, social security number, or identity. Never share this information.
A claim that your account is compromised.
An unsolicited email with a link to verify your account information.
Typos in the From email address. It’s common to see something like email@example.com (typo).
Suspicious links that don’t lead to www.squarespace.com. Before you enter your login information or click on a link, double-check the URL by copying it into your address bar without pressing Enter. Links in Squarespace emails preview as email.squarespace.com.
Emails that mimic our design.
Emails with .html attachments.
Full details can be found in this Squarespace article.