Keep an eye out for scam emails, appearing to come from Squarespace

There has been an increase in the number of phishing or scam emails being received by Squarespace designers and customers. Here’s a guide to ensure you remain secure online.

It is also more difficult than it has ever been to separate suspicious emails from authentic reminders, our recommendation is to stay alert. Here are some email security tips to protect you from suspicious emails.

Here’s a quick guide to keep your Squarespace account secure and away from internet or email scams.

Here’s a quick guide to keep your Squarespace account secure and away from internet or email scams.

As a first step check the email address and if it doesn’t come from @pixelhaze.co.uk or @squarespace.com, delete immediately. NEVER click on a link within an email that appears to be suspicious.

Finally, please do not forward the email to us, instead report it to the Squarespace Security team by forwarding the entire email to reportphishing@squarespace.com.

Here are the list of authentic Squarespace email addresses:

  • no-reply@squarespace.com or noreply@squarespace.com (Email notifications from your site)

  • no-reply@squarespace.info (Form Block submissions from your site)

  • messaging-bounce@opensrs.org (Squarespace Domains)

  • research@squarespace.com (Our Research team)

  • services@squarespace.com (Squarespace 5 billing notifications)

Even if the the email passes quick test shown above, there is still a chance it is a scam email. Fortunately, Squarespace have also recently provided us with some useful steps to detect phishing scam:

HOW TO SPOT A PHISHING SCAM

While scammers change their tactics frequently, look for these classic signs of a phishing or spoof message:

  • Requests for your bank account, username, password, social security number, or identity. Never share this information.

  • A claim that your account is compromised.

  • An unsolicited email with a link to verify your account information.

  • Typos in the From email address. It’s common to see something like customersupport@squareespace.com (typo). 

  • Suspicious links that don’t lead to www.squarespace.com. Before you enter your login information or click on a link, double-check the URL by copying it into your address bar without pressing Enter. Links in Squarespace emails preview as email.squarespace.com.

  • Emails that mimic our design.

  • Emails with .html attachments.

Full details can be found in this Squarespace article.