What are they?
Phishing, pronounced ‘fishing’, is a form of online attack that’s generally aimed at obtaining your personal data or access to your money. Common targets include login credentials or bank/credit card details, but there are many opportunities fraudsters may want to take advantage of.
These attacks often come in the form of spoofed emails or websites that attempt to disguise themselves as the real deal.
How to spot a phishing attack
Phishing emails often appear to be from legitimate companies like banks, internet service providers or credit card companies. Always check if the full email address or website URL you are interacting with is legitimate by validating it with an external source.
For example, you bank with Barclays and receive an email redirecting you to their website. Check both the domain you received the email from and the URL you are being redirected to:
- Google their website, in this example, their real UK landing page URL is “https://www.barclays.co.uk”
- An example of a spoofed version of this might be as similar as "https://www.brclays.co.uk”
Both websites might look exactly the same to begin with, but a spoofed attack might be collecting your login credentials.
If unsure, reach out to the company directly by searching for an alternative contact and verifying that the communication you received is legitimate. When in doubt, it’s always best not to answer any questions, click any links, or download any files.
Some telltale signs of these attacks are:
- First time or infrequent senders
- Poor spelling and/or grammar
- Asking for items like usernames, passwords, or account numbers
- Offer something seemingly valuable, like a prize or discount
Verifying your details with Lightyear
As a regulated financial institution, we may occasionally need to reach out if we spot something unusual to make sure your account is safe and secure.
It’s important to note, we’d never:
- ask you for things like your login credentials, one-time passcodes sent by SMS, or your bank / credit card information.
- place any orders for you by phone - only you can do so yourself through our platform
- ask you to deposit funds to different account details than what you see within the Lightyear mobile app
To ensure that you’re speaking with a Lightyear team member and not a fraudster, you can check the handle of the email you’ve received, or ask for a verification message to your device where you have Lightyear installed. Our domain is golightyear.com and our support email address is support@golightyear.com.
Reporting suspicious activity
If you receive or spot any email, website or phone call impersonating Lightyear, or have concerns about the safety and security of your Lightyear account, please report it immediately to our support team.
