Phishing is the illegal attempt to steal money and/or sensitive information using phone calls, email messages, or websites.
Criminals often attempt phishing by posing as legitimate companies, by using tactics such as replicas of website replicas, emails, or social engineering, to convince you to either provide personal information or install malicious software on your computer.
Best practices
Most organizations follow best practices in all communications to customers. Things to know about legitimate Divvy communications:
We'll never ask you to provide credit card or ACH information in an email or over the phone.
Emails from Divvy never contain ZIP or EXE attachments.
All links in Divvy emails will point to Divvy URLs (addresses beginning with https://app.divvy.co, https://apply.divvy.co, https://getdivvy.com, and https://help.getdivvy.com).
To see a full URL, hover over a link with your cursor. The link will display in the bottom left corner of the browser.
Tips
Tips to help recognize phishing attempts and avoiding scams:
Spelling and Grammar
If you receive an email from a familiar or well-known source with poor grammar and spelling errors, this may indicate a scam.
Real companies generally keep copy editors and technical writers on staff to ensure only well-polished emails are sent to their users.
Attachments
Never download attachments from an unfamiliar source or from an email you suspect may not be legitimate.
Ensure your anti-virus software is up to date.
Be especially suspicious of ZIP and EXE files, but keep in mind that even documents can contain a virus.
Threats
Emails which threaten to shut down or block your account unless you reply, select a link, or provide information, may be phishing scams.
Please forward all phishing emails to [email protected].