Phishing scams are attempts by fraudsters to trick you into sharing personal or financial information — such as your password, card number, or one-time verification code. These scams often look like genuine messages from trusted companies, including money transfer apps, banks, or government agencies.
When you click a fake link or share sensitive details, scammers can use that information to access your account or steal your funds. Because cross-border payments often involve multiple currencies and systems, phishing scams can appear highly convincing — especially if they imitate NALA’s brand or target international transactions.
Common types of Phishing Scams:
Phishing
This kind of fraudulent behaviour occurs when bad actors send misleading emails and messages purporting to be legitimate/reputable companies with the goal of stealing sensitive personal information such as credit card information or passwords.
Phishing can also be executed using illegitimate websites that mimic reputable sites. The bad actors usually create a similar website with a “typo” which makes it quite similar to the original site. They will then use the site to steal information which they can sell to other bad actors or use for fraudulent activities.
Phishing scams have evolved into other forms, including Vishing (voice phishing) and Smishing (SMS phishing).
Vishing
Also known as voice phishing, this involves fraudsters leaving voice notes or making phone calls that lure victims into revealing personal information, which they then use to defraud customers or sell to other fraudulent actors.
Smishing
Also referred to as SMS phishing, this fraudulent practice involves sending misleading text messages to lure users into sharing personal/financial information. They then use this information to defraud the victims or sell it to other fraudulent actors.
👀 How Phishing Scams Work
Phishing scams usually follow a predictable pattern:
You receive a message — via email, SMS, or social media — that looks official.
The message creates urgency — it might claim that your NALA account is locked or that you must verify a recent transfer.
You’re asked to click a link or share information — this link often leads to a fake website or form designed to collect your details.
Your information is misused — once the scammer obtains your credentials, they can attempt unauthorised logins or transactions.
🚩 Common Signs of Phishing
Watch out for these red flags:
Email or SMS requests for personal details — NALA will never ask for your password, PIN, or verification codes.
Links that look slightly different — e.g., nala-support.com instead of nala.money.
Spelling or grammar errors in supposedly “official” messages.
Urgent calls to action — “Your account will be suspended in 24 hours” or “Verify immediately.”
Unexpected attachments or links — especially from unfamiliar senders.
🛡️ How to Protect Yourself from Phishing
To keep your NALA account and money secure, follow these steps:
Check the sender’s details carefully. Official NALA messages only come from
@nala.moneyemail addresses or verified in-app notifications.Never click on suspicious links — instead, go directly to the NALA app or website to verify your account status.
Turn on two-factor or biometric authentication for an extra layer of protection.
Update your app regularly to ensure you have the latest security enhancements.
Educate family and friends abroad — phishing scams often spread by targeting close contacts of existing users.
🌍 Phishing in Cross-Border Transfers
Fraudsters often use international payment contexts to appear more legitimate. For example:
Pretending to be a recipient abroad requesting “verification” before they can receive money.
Claiming to represent a foreign bank partner needing additional documents.
Sending fake refund requests after an international payment fails.
If you receive any message related to these scenarios, verify directly through NALA Support — never respond or click links from unverified sources.
⚠️ What to Do If You Suspect Fraud
If you think you’ve interacted with a phishing message:
Stop and don’t provide any information.
Report it immediately via the in-app chat or email support@nala.com.
Change your password if you’ve entered details on a suspicious site.
Enable Face ID or fingerprint login to secure your account access.
Our team will investigate the case and take the necessary steps to protect your funds and information.