Visa Click To Pay Email Scam

Scam Tactics

• Fake Security Alerts: Emails claiming your Click to Pay account has been "locked" or "compromised," requiring you to click a link to "verify" your identity.
• Unsolicited One-Time Passwords (OTPs): Scammers may enter your email at a merchant site to trigger a real OTP email, then contact you (via a separate fake email or call) to trick you into sharing that code.
• Urgent Refund or Payment Notifications: Messages about a "pending refund" or a "failed payment" that lead to a replica website designed to capture your card details.

Spot a Fake Email

• Suspicious Sender Address: Official Visa Click to Pay OTPs are sent from no-reply@email.clicktopay.visa.com. Be wary of addresses using generic domains (like @gmail.com) or misspelled variations.
• Generic Greetings: Scams often use "Dear Customer" instead of your actual name.
• High-Pressure Language: Phrases like "Immediate action required" or "Your account will be deleted" are designed to make you act without thinking.
• Requests for Sensitive Info: Visa will never ask for your full card number, CVV, or PIN via email.

What to Do

• Do Not Click: Avoid links or attachments in any suspicious email.
• Verify Independently: If you are unsure, go directly to the Visa Click to Pay portal or contact your bank using the number on the back of your card.
• Report the Scam: Forward suspicious emails claiming to be from Visa to phishing@visa.com.
• Secure Your Account: If you shared any information, contact your bank immediately to freeze your card.