Summary: Here are the key areas to be aware of when it comes to staying safe and vigilant against phishing and scams on your Envato Account, including examples of what a fake email might look like and what to look out for on a real website.
It is important to protect your Envato account from unauthorised access. Sometimes, strangers might be trying to lure you into sharing your account credentials by pretending to be Envato, when in fact they are not associated with Envato at all. These types of attempts are commonly referred to as "phishing" and the perpetrators are called "phishers." Here, we’ll explain some of the things to look out for when it comes to emails, websites and some general tips to better protect your Envato Account.
Protecting Your Envato Account
A very common technique for obtaining account credentials is to send out emails that might appear as though they are coming from Envato. At a quick glance it might look like a legitimate email, but on closer examination, it usually looks suspicious and not something we would send out. These emails will contain some kind of link that looks like an Envato site, where you are prompted to log in by filling in your username and password. The phisher will then be able to see your credentials and use them to log into your real Envato account.
Here's an example of a fake, unofficial e-mail:
Phishing sites are fake websites that appear very similar to the real websites they are copying. Often, the address of the site is very similar to the real site. At first glance, the hyperlink name might look like the site is one of our Markets and even if you click it, the site you go to may look identical to Envato Market but because of the typo in the domain name, you'll have been tricked. If you then attempt to log into that fake website, there's a chance that your username and password may be stolen or compromised.
Here's how our official and legitimate account login page looks - notice the use of our official domain name "envato.com" in the address bar:
Protecting your Envato Account
You can protect yourself from phishing emails and websites by remembering to:
- Never give out your password to anyone. Envato staff will never ask you for your password.
- Never click a link in an email unless you have requested the email yourself, such as while resetting your password. Instead, use a bookmark or type in the address yourself.
- Always check the website address carefully. Never enter your Envato account credentials anywhere that isn't https://account.envato.com.
- Always check that the sender of the email is using an @envato.com email address.
Envato will never deactivate your account or write to you about deactivating your account unless you approach us about it.
- Envato will never ask you to confirm your account unless you have just signed up.
- Report any suspicious emails or websites to the Envato Help Team.
- Ensure your operating system, web browser and anti-virus software are up-to-date.