How to spot a phishing scam

Important update: On September 4, 2019, we learned of a new email phishing attempt, whereby some of our customers reported receiving suspicious emails containing fake Sendle invoices. Protecting your security online is a top priority for us. While no Sendle customer data has been compromised, we want to be sure you are aware of the scam emails, and know how to protect yourself if you think you’ve received one. Learn more below. If you’ve received a suspicious email, please report it to our team at sendle.com/help


Every day thousands of scams hit our inboxes. 

One of the most common scams affecting organisations and businesses every day are “phishing” scams. 

Let’s take a look at what they are and how to spot them.

What is phishing?

Have you ever received an email from what looks like a bank, or a government agency, asking for details like your credit card information or passwords?

It’s likely that message is a “phishing” attempt by a criminal, and the best thing to do is report it!

Phishing is a really common form of cyber attack. Generally, criminals format messages that pretend to be from trusted organisations and send them via email, SMS, instant message or social media platforms. 

They are mostly looking for information such as online banking logins, credit card details, business login credentials, passwords/passcodes. If something seems off, don’t provide your private information.

How to protect yourself against phishing scams

  • Verify the email address. Authentic Sendle emails will come from the @sendle.com domain. While phishing scams will try to replicate the Sendle logo and format, if there is an extra dot, dash or number in the address, it won’t be from us. 

  • We will never send you an invoice via email. If you receive a message with an ‘invoice’ attached, don’t click or download it. Report it to us instead. 

  • If you click a link in an official-looking email, and are directed to a website that is asking for personal information, check the website address. Again, if it isn’t www.sendle.com, don’t enter your payment or login data. We recommend you always access websites directly or through a search engine.

  • While phishing scams are very sophisticated, sometimes they give themselves away with spelling mistakes or an odd tone. Be wary of any email asking for urgent attention or if there are errors in the text. 

  • Like maintaining a garden, it’s important to maintain your security protocol. Update your security details regularly and make sure you’re always running the latest software available and have up-to-date anti-phishing software. 

  • Educate your customers. If you run an eCommerce business or transact over the internet, it’s possible your customers may receive phishing messages pretending to be from you from time to time. Make sure you have a place where concerned customers can let you know if there are suspicious communications circulating.  

Received a phishing message?

Remember, don’t click on the links in emails or messages, or open attachments from people or organisations you don’t know. 

If you think you have been sent a phishing message pretending to be from Sendle, please contact us at sendle.com/help.

Learn more

Phishing scams are one of the oldest internet frauds around, but they are one of the most effective. 

To learn more about how to recognise and protect yourself against phishing, head to the Scamwatch website

Can't find what you're looking for?

Contact us