, ,

What is Catfishing and Why your Squarespace website is Safe!

, ,

What is Catfishing and why your Squarespace website is Safe!

Small business is a hustle. It’s fast, we've got enough on our plates without having to worry about cyber threats. When something sounds scary - like an urgent message warning your website will disappear without an immediate 'compliance audit' - it’s not an unreasonable response if you panic.

Around October and November 2025, some of our clients were targeted by a specific type of scam. Instead of leaning into the fear (what the scammer would like you to do!), let’s consider this a perfect teaching moment. What is catfishing and how it’s fundamentally different from being hacked?

Catfishing: impersonation, not invasion.

When you hear a business has been ‘hacked,’ you rightly worry that their systems were breached and client data might be exposed - maybe your data!

Firstly, we want to reassure you: Online is Easy has NOT been hacked.

This incident is known as catfishing or impersonation fraud. It means an external actor created a fake profile (using our public name and likeness) and is using a generic, fraudulent email address (like a the misspelled Gmail account below) to target our client base and trick them into handing over money or credentials. This isn’t the first time this has happened and I’m sure it won’t be the last.

A few emails have been forwarded to us by our diligent clients, this is one example:

 
 

They don't need to break into our secure systems because they are operating entirely outside them. They just need to scare you enough to interrupt your usual logic process.

The Squarespace Security Myth: Debunked

The scammer is using fear, uncertainty, and doubt (FUD) around Squarespace updates. As your Authorised Squarespace Expert, let us clear this up for every Australian small business owner:

  • Squarespace is a Managed SaaS Platform: This means core security, patches, and platform updates are all handled automatically by Squarespace itself. You don’t need to hire someone for an ‘urgent update’ to stay live. That’s the beauty of the platform and one of the main reasons we chose it 13 years ago.

  • Trust your experts. If your website needs a review for custom features, a refreshed template, or third-party code updates, that’s when we step in. But we will always reach out to you proactively from a verified email address, not a generic Gmail account, and certainly never with a looming, false deadline. In the example above, you can also note the poor formatting and the lack of direct human contact details in the footer.

The best defence: 3 checks to stay safe

Vigilance is key. Here are the three simple, powerful checks you can use whenever you receive a suspicious email, related to us or anyone else:

  1. Check the Domain: professional businesses communicate exclusively from their own professional domains. A domain name is hard to catfish directly. In our case, we send from @onlineiseasy.com.au or @onlineiseasy.au. If you see a generic Gmail account, a misspelled domain, or any other email provider - it's a scam.

  2. Look for the Urgency: Scams thrive on panic. If an email demands an immediate ‘Yes’ reply to avoid site failure or a financial penalty, pause and verify it through a known channel (like calling us directly).

  3. Use the Report Button: The single most helpful thing you can do for the wider digital community is to report the email as phishing in your email client (Gmail, Outlook, Apple Mail). This helps the big providers like Google or Microsoft block the malicious sender, protecting everyone.

We are taking this threat seriously and leveraging our position as a Google Workspace Reseller to work directly with Google’s security team to get this fraudulent account suspended immediately.

Still unsure if an email is legitimate? Call us first.

If you are an Online is Easy client and you receive a suspicious communication that looks like it's from Online is Easy, do not reply or click any links.

Instead, forward the full email (including headers) to support@onlineiseasy.com.au so we can confirm its authenticity immediately. We’d much rather get a false alarm than have a client fall victim to fraud.

We’re here to ensure your digital strategy is secure, stable, and simple. Don't hesitate to reach out if you have any questions.

What else can you do to prevent spam, phishing, impersonation, and fraud?

  • You can report any scam to the Australian Competition and Consumer Commission via ScamWatch

  • You can report consumer issues, such as scams, to the Australian Competition and Consumer Commission (ACCC).

  • While it’s an important step, unfortunately, ScamWtach and the ACCC won’t help much from threats outside Australia.

  • To directly help block phishing sites from appearing in search results, submit the suspicious link to Google Safe Browsing

  • If the scam is coming from a Gmail account (like the one above) Use this form to Report abuse from a Gmail account (note that you will need to fill all the required information to file the report)

  • Finally, if you spot spam, malware, or other low-quality issues distorting Google's search results, use the Google Search Quality Issues form

Unsure if an email is legitimate? Call us first.

If you are an Online is Easy Google Workspace client and you receive a suspicious communication that looks like it's from Online is Easy, do not reply or click any links.

Instead, forward the full email (including headers) to support@onlineiseasy.com.au so we can confirm its authenticity immediately. We’d much rather get a false alarm than have a client fall victim to fraud.

Need more help?

Schedule a 15 minute screenshare support call with me over Zoom.

Book Expert Aussie Tech support online

Anthony Mayer

Anthony is a digital strategy consultant who specialises in connecting people with cloud-based tools and web solutions.

He combines existing and emerging technologies with best practices, budget capacity, and human capability to help businesses and community groups innovate. Anthony is Founder of Online is Easy, based in Gippsland, Victoria, Australia.