SumUp Email Activation Scam/Fraud

Have you received an activation email from SumUp ([email protected]) despite not setting up an account? Our Cyber Security team have had reported issues from several businesses whereby several employees have all received genuine activation emails from SumUp. We've investigated this and give our detailed verdict below.

SumUp Email Activation Scam
Posted: October 31, 2024

Beware of SumUp Account Scams: Protect Your Business from Unauthorised Card Reader Purchases

In a concerning twist, several individuals in our network have reported unauthorised SumUp account sign-ups using their email addresses, raising serious questions about security on the popular payment processing platform. Here’s what’s happening, how you can protect your business, and why vigilance is essential.

SumUp Email

What Is the SumUp Scam?

In recent days, reports have surfaced of fraudulent SumUp accounts being set up using unknowing individuals’ email addresses. Here’s how the scam unfolds:

  1. Unauthorised Account Creation: Scammers create a SumUp account using a victim’s email address.
  2. Email Activation: Victims receive an email from SumUp with an activation link. Clicking the link completes the account setup, unbeknownst to the actual owner.
  3. Card Reader Acquisition: Once the account is active, scammers order a card reader. This could then be used to facilitate fraudulent card payments in public, especially through contactless transactions.

Why Is This Happening?

SumUp has responded to customer queries stating they’ve received increased reports of similar incidents. However, they assert that these accounts are not considered “active” until confirmed. Yet, the growing reports suggest a gap in SumUp’s account verification process, potentially allowing scammers to slip through the cracks.

How to Protect Yourself from This Scam

It’s crucial to exercise caution with all unexpected emails, even if they appear to be from legitimate sources like SumUp. Here’s what you can do:

  • Verify Email Authenticity: If you receive an unexpected email from SumUp, inspect the sender’s email address and refrain from clicking any links if unsure.
  • Block SumUp Emails: As a preventive measure, consider blocking emails from SumUp.com within your email domain, unless it’s a necessary tool for your business.
  • Send to Quarantine: Direct incoming SumUp emails to quarantine for review rather than allowing them directly into inboxes, ensuring they are assessed before any action is taken.
  • Report Unauthorised Emails: Report any suspicious emails to SumUp’s support team and document the instance for further security measures.

What Reformed IT Is Doing to Investigate

At Reformed IT, we take potential cyber threats seriously. We are working closely with affected individuals to understand the scope and impact of this issue. We also encourage you to remain vigilant, keeping a close eye on unusual emails and account notifications.

How do I keep my business safe from Cyber Security threats?

Take a look at our Managed IT & Cyber Security services which are built to provide a layered approach to security defence within our clients. You can find out more information about our services here.

Similar Articles

Like what you see? Feel free to reach out us.

If you are interested in our reliable and responsive IT Support Services, get a quote for your business or contact our team here.