The Rise of Phishing Scams — And How to Stay One Step Ahead
Learn how to identify and avoid phishing scams to protect your HiBid account and personal information with our expert tips and guidance.
Phishing emails aren’t new, but they are becoming more common, especially for businesses. Attackers often send messages that appear to come from trusted companies, hoping recipients will click a link, open an attachment, or share sensitive information. With the help of AI and more advanced tools, many phishing emails now look surprisingly legitimate, using professional formatting, familiar logos, and convincing language that makes them harder to identify. That’s why it’s important to know what legitimate communication from us actually looks like.
Below, we’ve outlined the types of messages you may receive from us, along with the things we will never ask you to do, so you can more easily recognize and report anything suspicious.
What Emails You Can Expect From Us
We only send emails related to account activity, auction notifications, billing, and official platform updates. These communications will come from official HiBid or Auction Flex domains or trusted service providers.
For example, some billing-related communications may come from our secure payment platform, which we use to manage subscriptions and invoices.
If you receive a message that appears to be from us but uses an unfamiliar domain, requests sensitive information, or directs you to a suspicious website, treat it with caution.
Common Signs of a Phishing Email
Phishing emails can vary, but you should watch for these warning signs:
• Unexpected or urgent requests asking you to act immediately
• Sender addresses that don’t exactly match the company’s official domain
• Messages directing you to unfamiliar websites or login pages
• Links or attachments you weren’t expecting
• Requests for sensitive information such as passwords or payment details
• Messages referencing unusual account activity but directing you to a link instead of asking you to log in through the official website
If you receive an unsolicited message claiming to be from us that asks for sensitive information, creates urgency, or redirects you to an unfamiliar website, treat it as a potential phishing attempt.
What to Do If You Receive a Suspicious Email
If you believe an email may be a phishing attempt:
• Do not click any links or download attachments
• Do not reply or share personal information
• Forward the message to our support team (as an email attachment) so we can verify it
Taking a moment to pause and verify can help prevent unauthorized access to your account.
As our team puts it:
“Phishing is an ever-present reality in today’s digital world. Protecting our community takes more than behind-the-scenes security systems and hard work—it also requires awareness from our users. If anything about a message feels suspicious, report it right away and avoid clicking links or opening attachments. By staying alert together, we can keep our community safer.”
— Jason Schaffer, Chief Information Security Officer
If you ever receive an email that doesn’t seem quite right, it’s always best to pause and check with our support team before taking any action. We’re here to help. We’ll also be reaching out to customers soon with an email that includes additional helpful tips on spotting phishing attempts and making sure a message really came from us.