Identifying and Reporting Phishing
Phishing is a fraudulent technique used to impersonate legitimate trusted sources in order to collect sensitive data such as passwords, account details and credit card numbers.
Because Wix is a trusted and well-known service, attackers may attempt to impersonate Wix with fake emails and websites in order to target and deceive users.
The information in this article can help you identify suspicious messages pretending to come from Wix, or other legitimate sources.
Suspicious emails
Phishing emails are sent by scammers attempting to impersonate an organization you trust. To help identify a phishing attempt, check for the following:
- Emails sent from addresses that might appear official, but are slightly misspelt, such as vvix.com or wIx.com
- Emails that request your personal information
- Emails with links to download or view files from an unfamiliar source
- Emails directing you to an unofficial website
- Emails that contain grammar or spelling errors
- Emails that unnecessarily reference the full names of individuals from the organization they are attempting to imitate
- Emails with urgent language like "Immediate action required!"
- Emails with generic greetings such as "Dear Customer" or "Dear User"
- Legitimate Wix emails are always sent from wix.com
- Check any upcoming payments from the Premium Subscriptions page of your Wix account and view past payments from your Billing History.
If you received a suspicious email that appears to have been sent from Wix, or from a company claiming to be associated with Wix, don't click links, download attachments, or reply to the message. This could be an attempt to impersonate Wix for the purpose of gathering information.
Instead, forward the email directly to reportphishing@wix.com and include the full technical email headers. This will help us to investigate where the email came from, and to stop it from spreading to other users.
To obtain the full email headers in Gmail:
- On your computer, open Gmail.
- Open the email that you want to analyze.
- Next to the Reply icon, click the More icon and select Show original.
- Click Copy to clipboard.
- Open Google Admin Toolbox Messageheader.
- In the box, paste your header.
- Click Analyze the header above.
If you are using a different email provider, you can find out how to view your full message details by typing "get full email (provider name)" into your search engine, and selecting the help page for your email service provider.
Email protection
Wix employs a number of mail validation tools to protect our users, including:
SPF
An SPF (Sender Policy Framework) record identifies which mail servers are permitted to send email on behalf of your domain. This record prevents spammers from sending messages with forged sender email addresses that use your domain.
DKIM
DKIM (DomainKeys Identified Mail) is an email authentication method designed to detect email spoofing. DKIM allows the receiver to verify that the email received was indeed authorized by the owner of that domain.
DMARC
DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email validation system designed to detect and prevent email spoofing. It helps to protect against forged sender email addresses that pose as a legitimate organization.
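The full headers record how these checks turned out. The Python below is an added example, not Wix's code: it reads the SPF, DKIM and DMARC results from the Authentication-Results header and shows that a message displaying a wix.com From address can still fail them. The sample headers and the server names mx.example.net and attacker.invalid are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample headers, not a real message. mx.example.net stands in for
# the recipient's own mail server; attacker.invalid for a sender-added header.
SAMPLE_HEADERS = (
    "Authentication-Results: mx.example.net;\n"
    " spf=fail (sender IP not permitted) smtp.mailfrom=vvix.com;\n"
    " dkim=none; dmarc=fail (p=REJECT) header.from=wix.com\n"
    "Authentication-Results: attacker.invalid; spf=pass; dkim=pass; dmarc=pass\n"
    'From: "Wix Billing" <billing@wix.com>\n'
    "Subject: Immediate action required!\n"
    "\n"
)


def auth_verdicts(raw_headers, trusted_authserv):
    """Return the SPF/DKIM/DMARC results recorded by trusted_authserv."""
    msg = message_from_string(raw_headers)
    verdicts = {"spf": "missing", "dkim": "missing", "dmarc": "missing"}
    for value in msg.get_all("Authentication-Results", []):
        unfolded = " ".join(value.split())  # undo header line folding
        authserv, _, results = unfolded.partition(";")
        # Anyone can add this header before sending; only the copy stamped by
        # the recipient's own server says what that server actually checked.
        if (authserv.split() or [""])[0].lower() != trusted_authserv.lower():
            continue
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", results, re.I):
            if verdicts[method.lower()] == "missing":
                verdicts[method.lower()] = result.lower()
    # The visible From address is what the reader sees and what DMARC protects.
    verdicts["from_domain"] = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    return verdicts


def failed_authentication(verdicts):
    """True when the receiving server did not record a DMARC pass."""
    return verdicts["dmarc"] != "pass"


if __name__ == "__main__":
    print(auth_verdicts(SAMPLE_HEADERS, "mx.example.net"))
```

Pass the hostname your own mail provider writes at the start of its Authentication-Results header as `trusted_authserv`.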
Suspicious websites
Phishing sites will often use a very similar domain name which visitors can easily overlook. For example, your domain name might be mywixsite.com, but the phishing site might have the domain name mywiixsite.com. These domain names look similar, but are spelled slightly differently in order to trick you.
The best way to recognize a phishing site is to check the domain name in the address line and compare it to the original site's domain name to verify its legitimacy.
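The domain comparison described here, and the misspelt sender addresses listed under Suspicious emails, can be checked mechanically. The Python below is an added example, not Wix's code; the confusable-character table and the edit-distance threshold of 1 are assumptions chosen to cover the page's vvix.com and mywiixsite.com cases.

```python
# Character sequences that read alike at a glance. "vv" for "w" is the page's
# vvix.com case; the remaining pairs are assumptions, not a complete table.
CONFUSABLES = (("vv", "w"), ("rn", "m"), ("0", "o"), ("1", "l"), ("l", "i"))


def skeleton(domain):
    """Lowercase a domain and fold confusable sequences to one canonical form."""
    s = domain.strip().rstrip(".").lower()
    for seen, meant in CONFUSABLES:
        s = s.replace(seen, meant)
    return s


def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes and swaps."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(domain, trusted):
    """Return 'trusted', 'lookalike' or 'other' for domain against trusted."""
    d = domain.strip().rstrip(".").lower()
    t = trusted.strip().rstrip(".").lower()
    # Only the trusted domain itself or a true subdomain of it is trusted.
    if d == t or d.endswith("." + t):
        return "trusted"
    # The trusted name embedded elsewhere (wix.com.login.example) is a decoy.
    if t in d:
        return "lookalike"
    # Otherwise judge the rightmost labels, after folding confusables. A
    # threshold of 1 will also flag unrelated short names; treat hits as leads.
    tail = ".".join(d.split(".")[-(t.count(".") + 1):])
    if edit_distance(skeleton(tail), skeleton(t)) <= 1:
        return "lookalike"
    return "other"


if __name__ == "__main__":
    for name in ("crm.wix.com", "vvix.com", "wix.com.login.example"):
        print(name, classify(name, "wix.com"))
```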
If you think that you have been the target of a phishing attack from a site built with Wix, let us know immediately by filling out this form. The suspicious site will be removed.
Suspicious form submissions
Wix will never contact you about account, billing, domains, or any other issues through your site's contact forms, or site inbox.
While the email notification you would receive may come from an email address ending in @crm.wix.com, the content within this notification comes from what a site visitor has entered into your website’s contact form.
If you’ve received a suspicious form submission, you can report the message as spam directly from your Wix Inbox.
To help prevent most automated spam, you can enable a reCaptcha field on any of the forms on your site.
Suspicious emails from “Wix Partners”
Wix Marketplace Partners are vetted professionals you can find in the Wix Marketplace. Because these Partners are visible and searchable, malicious actors sometimes impersonate them, or claim they’re “from Wix”, to gain access to sensitive information.
If you’ve received an unexpected message claiming to be from a Wix Partner, ask yourself:
- Did you find them, or did they find you?
- Are they pressuring you to act urgently?
- Do you understand exactly what work they're proposing, or is it vague?
- Did you recently submit a project request for the work they are proposing?
- Are they transparent about scope, pricing, and expected results?
Once you’ve considered the questions above, use the following checks to help confirm the Marketplace Partner’s identity before engaging further.
Verifying a Wix Marketplace Partner
To help you verify a Marketplace Partner:
- Check the sender’s email address carefully: Look for misspellings or extra characters in the domain. Scammers often use domain name lookalikes to appear convincing.
- Find them yourself: Don’t click their links. From your account dashboard, go to My Projects and verify the contact details under Professional Details. Real Partners most often use the same contact details reflected on their own profile or website.
- Validate their company presence: Cross-check the company's website and social links from the Wix Marketplace profile, not from the message you received.
- Use Collaborator access only: You never need to share your Wix password or 2-step verification code. Instead, you can invite people to collaborate on your site with Roles & Permissions. This allows you to control who can make changes on your site and dashboard.
Not all professionals or Partners who use Wix are in the Wix Marketplace. Anyone can apply to become a Partner. Apply the same safety checks above, and grant access only via collaborator roles, not by sharing your login details.