If you receive a suspicious link or message from any entity claiming to be associated with us, report it ASAP to our support team. You may be a target of phishing, a cybercrime where someone poses as a legitimate company or government entity to obtain victims' personal information.
The most important thing is that you do not click on any links or download any attachments from the message that you received. These links and attachments can damage your device, and your data can potentially be exposed to thieves.
First and foremost, you'll want to report the message to our Support team. When you reach out to us, be sure to include all of the information from the emails or messages to help us investigate where they originated. Reporting it in detail will also help us prevent other members from being targeted by these attempts.
Information Paxful will never request
We will never request the following information:
- Your full credit card number, banking information, or other financial details
- Your Paxful password
- Your one-time two-factor authentication (2FA) code
- Click a link to receive funds, verify information, and release or cancel the trade when you are already logged in (you can do that yourself on Paxful)
We also won't send you links asking you to click to receive funds, verify your information, or release or cancel a trade when you're already logged in.
Please report it to us immediately if you receive a message requesting any of the above information.
How to spot a phishing link:
While scammers change their tactics frequently, look for these classic signs of a phishing or spoofing attempt:
- Make sure there are no spaces in the link provided.
- There are no URLs inside the pictures.
- There are no links with/attached to QR codes
- We recommend you be very cautious with file-sharing links. These can lead to malware or hacking.
- There is no ‘Whatsapp’ or other messengers inside pictures.
- You receive emails or messages with .html attachments.
- Also, keep your trades in Paxful. These links can be shared off-escrow without detection.
How to spot a phishing email or chat message:
While scammers change their tactics frequently, look for these classic signs of a phishing or spoofing attempt:
- The user requests your bank account, username, password, social security number, or identity.
- A claim is made that your account is compromised. In such cases, we may send only automated messages from “no-reply” email addresses.
- You receive an unsolicited email with a link to verify your account information.
- There are typos in the email address. It’s common to see something like support@ppaxful.com.
- You receive suspicious links that don’t lead to www.paxful.com. Before you enter your login information or click on a link, double-check the URL by copying it into your address bar without pressing Enter.
- You receive emails that mimic our design. These emails aim to distract you from any typos in the email address or website links by using pictures and colors similar to our platform.
Ways to Protect Yourself from Phishing Scams:
- Always report any suspicious activity to our Support team.
- Check that a link, email, or message is actually from Paxful.com. We communicate using several social channels:
- Do not click on any links, downloads, or attachments from questionable messages and emails.
For more information on how to protect your account, see our security guide.
If you need any assistance from our Support team, do not hesitate to contact us. Check out this article on How to Contact Support.