Phishing is the illegal attempt to steal money and/or sensitive information using phone calls, email messages or websites.
Often, criminals attempt this by posing as legitimate companies, using replicas of web sites and emails, or social engineering, to convince you to provide personal information, or install malicious software on your computer.
Protect your data
Most organizations follow best practices in any type of communication to customers
Things to know about legitimate Bill.com communications:
- We will never ask you to provide credit card or ACH information in an email or over the phone.
- Email from Bill.com never contain ZIP or EXE attachments.
- All links in Bill.com emails will point to Bill.com URLs (beginning with "app.bill.com"). See below for information on link safety.
- Bill.com never sends email to your Bill.com Inbox.
Here are some best practices to recognize phishing attempts, and to avoid becoming the victim of a phishing scam:
- Spelling and Grammar
- If you receive an email from a familiar or well-known source which has poor grammar and spelling, this may indicate a scam.
- Real companies generally keep copy editors and technical writers on staff to ensure only well-polished emails get sent to their users.
- Never download attachments from an unfamiliar source, or from an email you suspect may not be legitimate.
- Be especially wary of ZIP and EXE files, but even documents can contain viruses. Ensure your anti-virus software is up to date.
- Emails which threaten to shut down or block your account unless you reply, click a link, or provide information may be phishing scams.