x
Admin

Online fraud is on the rise: Ask us anything about keeping your account safe! 🔒

It's that time of year again … time to gather, spread joy with decorations, give gifts, and — if you're like me — that includes a lot of online orders. With all of the coming and going, it's also a time for fraudsters to make their own moves: This can look like a bogus online order form, fake charity account, or a phishing scam.

 

But what else should we keep in mind this year? Account takeover fraud has increased 133% in 2022. In the United States alone, individuals who have experienced an account takeover have lost an average of $12,000 USD. For more information on how online fraud impacts countries across the globe, have a look at this article: Global Statistics in Account Takeover Fraud for 2023.

 

Rest assured that we've got your back! Square has rolled out a bunch of new security features and we were glad to have @MimiW on the Square Account Security team host a Q&A on Wednesday, November 30th. Read on below for a summary of topics that came up.

 

Here are some example questions: 

  • As a buyer and a seller, what is the best way to keep my information secure online?
  • Is two-step verification worth the hassle?
  • I was directed to a different website to complete a gift purchase. How do I know that it's safe to enter my credit card information?

rupixen-com-Q59HmzK38eQ-unsplash.jpg

️ Tom | he/him
Seller Community Manager | Square, Inc.
Find step-by-step help in our Support Center
30,887 Views
Message 1 of 43
Report
1 Best Answer
Square

Best Answer

Hello Everyone,

 

Thanks again for taking the time to share your questions and feedback!

 

We hope your questions were answered—the experiences you've shared will help us as we continue to iterate based on your feedback.

 

As we close out this event, we wanted to do a recap on three themes that came up frequently:


  • 🔒 Beyond mobile phone two-step verification
    We strongly believe that enabling two-step verification is the best protection against account takeover attempts. Enrolling your mobile phone number is the easiest option but we also recommend adding a backup method in case you have issues receiving codes via SMS in the future. Available backup methods are (1) generating security codes using a third party Authenticator app such as Google Authenticator, Microsoft Authenticator or Authy or (2) enrolling an alternate mobile phone number that belongs to you or someone you trust enough to have full access privileges to your Square business account.

    For those of our sellers who want the strongest two-step verification, use an Authenticator app only, but make sure to follow the app’s instructions to set up a backup and recovery method (Google, Microsoft, Authy) in case you later lose access to the app or lose your mobile phone in the future.

  • 🔍 Watch out for spoofing and scams
    Be watchful of suspicious emails that look like they came from Square or from third party businesses sending messages through squareup.com, they are probably scams. Scammers will often create a false sense of urgency to persuade you to pay money, provide private information or install software that spies on you. You can check the Square app or your squareup.com Dashboard directly as the source of truth. If you think an email is impersonating Square, you can forward it to spoof@squareup.com. We have a security vendor evaluating the emails and performing any necessary takedowns on domains (malicious links) attempting to phish credentials or install malware.

  • 🧰 Self-service recovery experience is in the works
    Square uses a network of layered controls to defend against account takeover fraud. Sometimes, sellers may experience a suspicious activity review that temporarily locks their account or card usage. We are continuously making improvements to the way we block fraudulent login attempts, detect account takeover fraud and lock the bad actors out of our sellers’ accounts. We are also investing in an enhanced self-service recovery experience so that sellers can unlock their own accounts on their own time, without having to call Square support.


We appreciate you taking the time to share your experiences and we'll continue to improve Square’s products based on your business needs.   

 

Again, thanks for your participation. For the latest updates, keep watch for announcements of new features in Product Updates.

 

Mimi W.
Product Manager, Square
Get help in our Support Center

View Best Answer >

17,998 Views
Message 43 of 43
Report
42 REPLIES 42
Square

Best Answer

Hello Everyone,

 

Thanks again for taking the time to share your questions and feedback!

 

We hope your questions were answered—the experiences you've shared will help us as we continue to iterate based on your feedback.

 

As we close out this event, we wanted to do a recap on three themes that came up frequently:


  • 🔒 Beyond mobile phone two-step verification
    We strongly believe that enabling two-step verification is the best protection against account takeover attempts. Enrolling your mobile phone number is the easiest option but we also recommend adding a backup method in case you have issues receiving codes via SMS in the future. Available backup methods are (1) generating security codes using a third party Authenticator app such as Google Authenticator, Microsoft Authenticator or Authy or (2) enrolling an alternate mobile phone number that belongs to you or someone you trust enough to have full access privileges to your Square business account.

    For those of our sellers who want the strongest two-step verification, use an Authenticator app only, but make sure to follow the app’s instructions to set up a backup and recovery method (Google, Microsoft, Authy) in case you later lose access to the app or lose your mobile phone in the future.

  • 🔍 Watch out for spoofing and scams
    Be watchful of suspicious emails that look like they came from Square or from third party businesses sending messages through squareup.com, they are probably scams. Scammers will often create a false sense of urgency to persuade you to pay money, provide private information or install software that spies on you. You can check the Square app or your squareup.com Dashboard directly as the source of truth. If you think an email is impersonating Square, you can forward it to spoof@squareup.com. We have a security vendor evaluating the emails and performing any necessary takedowns on domains (malicious links) attempting to phish credentials or install malware.

  • 🧰 Self-service recovery experience is in the works
    Square uses a network of layered controls to defend against account takeover fraud. Sometimes, sellers may experience a suspicious activity review that temporarily locks their account or card usage. We are continuously making improvements to the way we block fraudulent login attempts, detect account takeover fraud and lock the bad actors out of our sellers’ accounts. We are also investing in an enhanced self-service recovery experience so that sellers can unlock their own accounts on their own time, without having to call Square support.


We appreciate you taking the time to share your experiences and we'll continue to improve Square’s products based on your business needs.   

 

Again, thanks for your participation. For the latest updates, keep watch for announcements of new features in Product Updates.

 

Mimi W.
Product Manager, Square
Get help in our Support Center
17,999 Views
Message 43 of 43
Report