Beware of SumUp Account Scams: Protect Your Business from Unauthorised Card Reader Purchases
In a concerning twist, several individuals in our network have reported unauthorised SumUp account sign-ups using their email addresses, raising serious questions about security on the popular payment processing platform. Here’s what’s happening, how you can protect your business, and why vigilance is essential.
What Is the SumUp Scam?
In recent days, reports have surfaced of fraudulent SumUp accounts being set up using unknowing individuals’ email addresses. Here’s how the scam unfolds:
- Unauthorised Account Creation: Scammers create a SumUp account using a victim’s email address.
- Email Activation: Victims receive an email from SumUp with an activation link. Clicking the link completes the account setup, unbeknownst to the actual owner.
- Card Reader Acquisition: Once the account is active, scammers order a card reader. This could then be used to facilitate fraudulent card payments in public, especially through contactless transactions.
Why Is This Happening?
SumUp has responded to customer queries stating they’ve received increased reports of similar incidents. However, they assert that these accounts are not considered “active” until confirmed. Yet, the growing reports suggest a gap in SumUp’s account verification process, potentially allowing scammers to slip through the cracks.
How to Protect Yourself from This Scam
It’s crucial to exercise caution with all unexpected emails, even if they appear to be from legitimate sources like SumUp. Here’s what you can do:
- Verify Email Authenticity: If you receive an unexpected email from SumUp, inspect the sender’s email address and refrain from clicking any links if unsure.
- Block SumUp Emails: As a preventive measure, consider blocking emails from SumUp.com within your email domain, unless it’s a necessary tool for your business.
- Send to Quarantine: Direct incoming SumUp emails to quarantine for review rather than allowing them directly into inboxes, ensuring they are assessed before any action is taken.
- Report Unauthorised Emails: Report any suspicious emails to SumUp’s support team and document the instance for further security measures.
What Reformed IT Is Doing to Investigate
At Reformed IT, we take potential cyber threats seriously. We are working closely with affected individuals to understand the scope and impact of this issue. We also encourage you to remain vigilant, keeping a close eye on unusual emails and account notifications.
How do I keep my business safe from Cyber Security threats?
Take a look at our Managed IT & Cyber Security services which are built to provide a layered approach to security defence within our clients. You can find out more information about our services here.