The Blog

Merchant Scam – Fraudulent Email, Posing as PCI Message

Data security is a serious topic. PCI is a state-of-the-art security system created to help you keep data safe from fraud. The thieves, however, also have high-tech methods to confiscate confidential information. Here is a fraud email designed to capture your personal information.

From: COMPANY@COMPANY.com [mailto:COMPANY@COMPANY.com] Sent: Tuesday, Date Inserted Here 10:00 AM
To: CUSTOMER
Subject: Annual Agreement Renewal

Dear customer, you need to renew your annual agreement with us. Failure to do so will result with your account status set to INACTIVE, only TEST transactions will be available. Login to your personal page within this email and continue.
Service Team

This is not a real email that would be sent by your processor or a PCI compliance provider. It is actually what is called a “phishing” technique. The link inside the email will take you to a fake website, not a legitimate website. The thieves are disguising themselves as a processor or PCI compliance provider in an attempt to catch some merchant in divulging merchant account information or social security numbers.

We will never request any personal information via email such as login credentials, password data or social security numbers. If you ever have any question as to whether an email is legitimate, please do not click on any links within it. Just contact us directly at 505-296-2847.

SOURCE: EMC Processor