How to spot Phishing and Fraud attempts

Phishing is an online scam where attackers impersonate a trustworthy entity to trick you into revealing sensitive information. These can come via email, text, or phone calls.

Phishing and fraud attempts are increasingly common. This guide highlights key signs of phishing and fraud and outlines steps you should take if you encounter suspicious communication.

Common Signs of Phishing

  1. Unusual Sender: Check the email address or phone number. We only use official domains and subdomains like @dext.com or @notifications.app.dext.com. The display name may look as if it would have come from Dext but checking the email header would provide you more information on who the sender actually is. You can follow this guide from Mxtoolbox to check email headers.
  2. Urgent or Threatening Language: Scare tactics or urgent requests to act immediately.
  3. Requests for Personal Info: We’ll never ask for passwords or bank details via email or text nor we will ask you to update bank details over a simple email or an attachment.
  4. Suspicious Links/Attachments: Avoid clicking on links or downloading unexpected attachments.
  5. Generic Greetings: Phishing emails often use “Dear Customer” instead of your name.
  6. Poor Grammar/Spelling: Legitimate messages are free of errors and professional in tone.

What to Do If You Suspect Phishing

  1. Do Not Respond or Click: Don’t interact with suspicious messages, download or open any attachments.
  2. Verify Communication: Contact us using the official details on our website, not those in the suspicious message. If you’re logged in you can initiate a direct chat with our Support team or you can email support@dext.com 
  3. Report the Incident: Forward the message to security@dext.com. If you’ve clicked a link or provided information, inform our support team immediately.
  4. Monitor Your Accounts: Regularly review statements for any unauthorised activity and report anything unusual.

Additional Security Tips

  1. Use Strong, Unique Passwords: Use a mix of characters and avoid using easily guessable information. 
  2. Enable Two-Factor Authentication (2FA): Use 2FA for added security. We also support Microsoft Azure AD SSO and Passkey authentication. 
  3. Keep Software Updated: Keep your operating system, antivirus software and browsers up to date.
  4. Check for Data Breaches: Use Have I Been Pwned to verify if your accounts have been compromised and take necessary actions if they have.
  5. Stay Informed: Visit our Trust Centre for the latest reports on suspicious emails and security notifications.