Stripe, the major payment processor, recently added security tips to their login page. We have highlighted the tips related to phishing.
An indication of the prevalence and severity of phishing, it is a significant step to introduce security warnings on the login page. Are they putting customers in control or is it an admission that industry security controls have failed?
Check the URL to make sure you’re signing into
dashboard·stripe·com. Phishing attacks often use a fake website to access your login information. For example, attackers might use a misspelled version of the URL.
To avoid phishing attempts, use a bookmark to sign in to Stripe. Phishing websites will pretend to be a legitimate website to access your login information. Set a bookmark for this page, and only use that bookmark when signing in.
Don’t click on links if an email looks suspicious. Fraudsters sometimes send emails with phishing links while pretending to be Stripe. To avoid phishing attacks, set a bookmark for this page and only use that link when signing in.