How to Help a Cardholder Handle Phishing or Scam Attempts
What should a cardholder do if they suspect phishing or a scam?
If a cardholder suspects they have encountered a phishing attempt or scam, guide them through the following steps:
- Do not engage with the sender: Advise the cardholder to avoid clicking any links, downloading attachments, or responding to the message. Phishing attempts often come through email, text messages, or phone calls, claiming to be from legitimate sources.
- Never share sensitive information: Inform cardholders that a legitimate service, including your team, will never ask them for sensitive information such as:
  - Private keys
  - Card details (e.g., full card number, CVV)
  - Account passwords or one-time passcodes (OTPs)
  - Personal identification numbers (PINs)

  If they receive any requests for this type of information, it is likely a phishing attempt or scam.
- Verify the legitimacy of contact: If the cardholder is unsure whether the communication is from a legitimate source:
  - Advise them to avoid responding to the message or call.
  - Instruct them to contact your support team directly using the contact details provided in your app or on your official website, rather than using any links or numbers provided in the suspicious message.
  - Let them know that they can check the message’s legitimacy with your team to confirm whether it was an official communication from your service.
- Report the phishing attempt: Encourage the cardholder to report the suspicious message or call. If the phishing message involved your service or brand, instruct them to contact your support team immediately with the details.
- Check account for suspicious activity: Advise the cardholder to log into their account and review their recent transaction history for any unauthorized charges or unusual activity. If they notice anything suspicious, they should immediately cancel their card.
- Reset account credentials: If the cardholder clicked on any links or shared sensitive information, instruct them to reset their password and enable two-factor authentication (if applicable) to secure their account.