It’s extremely important to familiarise yourself with how phishing works and the measures phishers take to attempt to gain access to your wallet. We’ve written an article about how to keep your account secure, but here we’ll explain how to protect yourself from phishing.
Before you respond to a query, make sure you know it’s coming from us. We’ve compiled this list to help you classify. There are times when Luno will call or email you. When we do, we may ask you:
Security-related questions in order to verify your identity
We may call you with security questions to verify your identity. Some of these questions may include the information you used to sign up for Luno, such as your date of birth and your mobile number.
When you receive an email, be sure to look for the send address from the sender to verify that it’s legit. Email correspondence from us will always come from the luno.com or mailer.luno.com domain.
Here’s what Luno will never do:
We will never ask for your password
Account privacy is yours and yours only. Luno will never ask you for your password or attempt to gain access to your account through social engineering.
We will never ask for your banking details
Banking details should never be shared. There may be a time where we ask you who you bank with, but we’ll never ask you to share all your banking details with us. If you receive any form of correspondence asking you for your banking details, you are being phished.
We will never ask you to share your One Time Pin (OTP) with us
Requesting your OTP is one way how phishers gain access to your account. Never reveal this information to anybody because it should strictly be used by you only.
We will never ask for your two-factor authentication code
Similar to the OTP code above, your two-factor authentication code (2FA) exists as an additional layer of security on your account. Be sure to never divulge this code to anybody.
We will never ask for your authorisation links or to authorise your transactions
Authorisation links are generated for customers to authorise transactions. There is no reason why we will ever need to ask you for these links or to authorise transactions on your behalf.
We will never threaten to deactivate your account if you don’t perform an action
We will never require you to upgrade and close your account if you don’t
We have set different account levels, with deposit and withdrawal limits that apply to each level on the basis that the more you want to transact, the more we need to know about you. When you are approaching the threshold of one level, we may ask you to upgrade to the next level. If you don’t upgrade, you will remain on the same level with the same limits. We will not deactivate your account if you don’t upgrade.
If you have an existing support query with us, we may contact you to directly communicate about your submitted query.
If you’re still unsure, rather create a support ticket with us.