Because many merchants are on high alert for data breaches, I’m afraid some might be fooled by this phishing scam, which affects many merchants.I received this Flash news for First Data Retail merchants on the North platform.
“First Data has learned of a widespread phishing attack telling recipients that their merchant ID has been locked.
Unsolicited email containing errors should always raise a red flag, especially if combined with a call to action, such as calling a toll-free number or clicking on a link. If you receive an email similar to the one below, immediately delete it from your inbox and deleted items folder. Do not open any attachments. No further action is required on your part.
If you are a merchant who called the toll-free number below and gave your merchant ID, please call the contact center number on your statement so that First Data can help you monitor for fraudulent activity on your account.”
Below is a copy of the current message. Note indicators that this is a phishing scam email in red font.
From: FirstData [mailto:verifyaccount@
Sent: Monday, February 10, 2014 9:58 AM
Dear customer, ß not personalized with merchant contact information
We regret to inform you that your merchant account has been locked. ß no specific account number provided
To continue using our services please call our tool free number +18664103984 and update your information. ß misspelling and no specific merchant services listed
Please be ready with your Merchant ID and Terminal ID number. ß no description of process to unlock account
### End of phishing scam notice###
For your convenience, I’ve also included an image of what a typical real newsflash includes. NOTE: The yelllow highlights were from my email program, not from First Data’s actual email footer.
As always, merchants need to be vigilant and follow these tips for account security:
- Never give out information to someone who calls you.
- Always refer to the phone number on your merchant statement, not something in an email.
- Never click on an unsolicited email link to modify passwords, always go direct to the site.
- Read the newsflashes that are in the first part of merchant statements.
- Segment access to merchant data and permissions by job role.