If you received a suspicious email that looks like it’s from us, or another company claiming to be associated with us, don’t click links or reply to the message. Report it to us by forwarding the entire email to reportphishing@squarespace.com. Include the email header and subject line, which helps us investigate where it came from and stop it from spreading to other customers.
What you received could be a phishing email. Phishing is when scammers send messages trying to trick you into giving them your personal information. These emails often impersonate trusted brands like Squarespace.
Note: If your email provider prevents you from forwarding the email, it may have already been reported. In this case, delete the email without following any links.
How to spot a phishing scam
While scammers change their tactics frequently, look for these classic signs of a phishing or spoof message:
- Requests for your bank account, username, password, social security number, or identity. Never share this information.
- A claim that your account is compromised.
- An unsolicited email with a link to verify your account information.
- Typos in the From email address. It’s common to receive something like customersupport@squareespace.com (typo).
- Suspicious links that don’t lead to www.squarespace.com. Before you enter your login information or click a link, double-check the URL by copying it into your address bar without pressing enter. Links in Squarespace emails preview as email.squarespace.com.
- Emails that mimic our design.
- Emails with .html attachments.
Tip: Learn more about phishing emails at OnGuard Online.
Scam phone calls
While it's common for phishing scams to arrive via email or text message, be aware of unsolicited phone calls that request private information. Squarespace won’t contact you over the phone.
Official Squarespace email addresses
If you're not sure if an email address belongs to us, compare it to this list of our official email addresses:
- no-reply@squarespace.info (form submissions from your site)
- noreply@mail.squarespace.com (marketing emails from Squarespace)
- support@mail.squarespace.com (transactional emails from Squarespace)
- messaging-bounce@opensrs.org (Squarespace domain verification)
- noreply@zopim.com (transcripts from live chat sessions)
- Emails ending in @squarespace.com (site notifications and messages from Squarespace teams)
- Emails ending in @accelerationpartners.com (a Squarespace marketing partner)
These email addresses can't receive inbound email. You can reply to customercare@squarespace.com only after opening a ticket.
Information Squarespace might request
Squarespace might ask for information to verify your account if you contact us, like the last four digits of your credit card. In certain cases, we may ask for a copy of a government-issued ID, but only during an interaction with our Customer Support team.
Note that we'll ask you to click a link to verify your Squarespace Domain.
Information we'll never request
- Your full credit card number
- Your bank account or routing number
- Your password
- Your social security number
You should never share this information unless it’s with a known and trustworthy party.
What to do if you received a suspicious email
- Don’t click any links or images.
- Don’t reply.
- Forward the entire email to reportphishing@squarespace.com, including the email header, which helps us investigate where it came from.
- If you clicked a link in an email that brought you to a suspicious site, include the URL you clicked.
- Consider also reporting the message to your email provider. (Instructions: Gmail, Outlook, Yahoo!, AOL)
- Delete the email from your inbox after reporting it.
What to do if you clicked a link or provided sensitive information
- Change your password for any potentially affected accounts, such as Squarespace or Stripe.
- If you’re worried that an account has been compromised, visit the official website for that account (go to the URL directly in your browser, not through the email) and contact their support team.
- Check your bank statements frequently for unauthorized transactions.
- Report the message to your email provider. (Instructions: Gmail, Outlook, Yahoo!, AOL)
General web safety tips
To learn more about protecting your Squarespace account and personal information, visit Security tips for protecting your account.
- Change your passwords often.
- Don’t share your login information.
- Never send your password or sensitive information via email, no matter how convincing the person sounds.
- Use different passwords for different accounts. If one of your passwords is compromised, the other ones will be safe.
- Don’t assume that an email is from a company just because it contains the company logo or their name appears in your inbox as the “From” name.
- Learn more about phishing emails at OnGuard Online.
- Visit Security tips for protecting your account to learn more about Squarespace account security.