Tips to detect and avoid phishing attempts

Hello Deriv Community,

Your online safety is important to us. With the rise in digital scams, we’d like to help you stop, spot, and report phishing attempts. Phishing is a cyberattack technique where scammers try to trick you into revealing sensitive information like your passwords and bank details. They pose as real companies and create fake emails, social media profiles, and numbers to get you to take actions that compromise your data and security.

Scammers are getting very skilful, and we need to be more vigilant. Look out for these red flags to identify a phishing attempt:

1. Typos
Many phishing attempts contain spelling and grammatical errors as scammers don’t usually put their content through professional copywriters.

2. Suspicious links
Scammers include links that look valid, but if you hover your cursor over them, you can see the URL:

  • Has misspellings.

  • Has extra characters.

  • Are from suspicious domains that don’t match ours.

  • Begins with http, (not https://), which shows it is not secure nor encrypted.

3. Suspicious promotions
Scammers will claim you have won money and ask for your password or bank number. Deriv never asks for your personal or financial details through social media nor do we have giveaways/promotions.

4. Urgency
Scammers like to create a sense of urgency, fear, or excitement to manipulate you into acting quickly. They want you to panic so you give your details and complete a transaction quickly without thinking.

5. Impersonation
Scammers often use email addresses and social media profiles similar to ours but contain small variations or misspellings in their name or profile.

6. Odd payment methods
Scammers will always request payment in the method that best suits them. They will try to assure you that you can trust them as they are only helping you with the transaction.

Once you’ve identified a scammer, remember these best practices to boost your online safety:

:heavy_multiplication_x: Don’t instantly click on links

Hover your cursor over the URL before clicking on it. This will display the URL. If the link doesn’t match our domain or looks suspicious, don’t click on it.

:heavy_multiplication_x: Don’t share personal info
Never share personal or financial details without verifying the sender. For security reasons, all confidential matters are done via live chat with our Customer Support team.

:heavy_multiplication_x: Don’t act immediately
Don’t make payments or give out your personal details if you are urged to do it immediately. If we need anything from you, we will reach out to you ahead of time using our official email address ending in @deriv.com or through live chat.

:heavy_multiplication_x: Don’t answer suspicious emails, calls, and messages
Block unknown calls, report suspicious emails, and contact our Customer Support team if you come across suspicious profiles on social media. Only trust info posted on our website, our official social media accounts, and in emails ending in @deriv.com.

Our official social media accounts for the EU are:

Our official social media accounts for the rest of the world are:

:heavy_multiplication_x: Don’t be afraid to ask
Contact us via live chat if you have doubts about the authenticity of the email or social media profile, and we’ll confirm if we need anything from you.

Thank you for helping keep our trading community safe. For more safety tips, head to our blog. You can also visit our secure and responsible trading page for more tips on protecting yourself online.

If you have any questions, please visit our Help Centre or contact us via Live Chat and WhatsApp.