Skip to main content
  1. Ramp
  2. Guides by topic
  3. Security

Fraud awareness: how to protect your Ramp account

Overview

At Ramp, our top priority is protecting your information and privacy. We continuously monitor accounts for unusual activity and alert our customers when we identify suspicious signals. Our fraud protections follow the industry's best standards and are enhanced with our innovative solutions. You can find more information about our security measures here.

As robust as our security practices are, it is very important that you are able to recognize some of the most common online threats to stop would-be fraudsters in their tracks. This guide gives you a brief overview of some scams you should look out for and lays out simple steps you can take to defend your account.

Jump to:

Strengthen your security practices

  • Enable and enforce Single Sign-on (SSO) to Ramp: This greatly improves your account’s security. Otherwise, be sure to use unique and complex passphrases. Do not use the same passphrase or password for two accounts. Consider using 1Password or another provider to generate, store, and auto-fill unique passphrases.
  • Bookmark app.ramp.com/sign-in or Install Ramp’s Chrome extension to directly access your account: Fraudsters often create fake but realistic websites to trick users into providing sensitive information. Avoid navigating to Ramp through web search platforms or typing in URLs manually and potentially landing on phishing sites.
  • Enable enhanced Multi-Factor Authentication (MFA): Ramp supports MFA via an authenticator app, Touch ID, or a hardware token. Here’s how to enroll an authenticator app for your Ramp account.

Recognize common threats

Phishing

    • Credential phishing: fraudsters may attempt to trick you into giving them your username and password (and sometimes MFA code), which they will then use to log in to an account on your behalf and steal information or money. They can impersonate Ramp or trusted colleagues to deceive you.
      • Please note, Ramp will never contact you to ask for your password, card information, or login verification codes.
    • Exploit phishing: fraudsters may pose as a known vendor or colleague and send you links or attachments via email or text, which when opened, contain malware that can impact your computer.
    • You can read more about this type of fraud here.

Business email compromise

    • Your business email and your colleagues or vendors’ emails could become compromised by fraudsters through phishing or social engineering.
    • For sensitive account or payment changes, always verify the information using a different communication method to ensure you aren’t allowing a bad actor to approve the change (for example, if you received an email request, call the contact on a verified phone number to confirm).
    • This is one of the most common types of fraud against businesses! You can read more about this type of fraud here and you can read more about Bill Pay Fraud here.

Skimming

    • Fraudsters can illegally install devices on ATMs, fuel pumps, and point-of-sale terminals that capture and relay your card details.
    • Check for inconsistencies in the machines you use and try to use ones in reputable areas. You can also consider using contactless authorization instead of inserting your card.
    • You can read more about this type of fraud here.

Card testing

    • Bad actors can rapidly and programmatically guess various combinations of card numbers and expiration dates until they succeed.
    • Most attempts are incorrect and blocked by backup information like expiration date and CVV.
    • Our fraud prevention safeguards detect activity like this so that even successful guesses are declined.
    • If any attempts are successful, our customers are not liable for fraud and can dispute them.

To enhance your security measures even further, here are some additional recommendations:

  • Add a reputable ad blocker to your browser: Fraudsters use advertising technology to target you with attempts to compromise your accounts. uBlockOrigin or PrivacyBadger are good options.
  • Ensure you have an IT & Security contact assigned: they can be notified directly regarding your account’s security and login configuration.
  • Regularly update your devices and browsers: Software releases often include new security features and updates to protect you from emerging threats.
  • Regularly monitor your account: Set up alerts and/or category and merchant restrictions and check for unusual activity. If you identify any suspicious transactions, you can lock your card, change your password, and notify Ramp Support. Read more about disputing transactions here.
  • Keep your card details and login information private: Don’t share card information or login credentials with others.
  • Customize card categories and/or vendors: With Ramp’s controls, you can drill down as far as creating one card per vendor and restricting merchants to that one vendor to stop fraud in its tracks

Remember, Ramp Support will never contact you to ask for your password, full BIN or expiration/CVV of your card, or login verification codes. Do not reply to any calls, texts, or emails asking for a verification code or personal information, and reach out to our Support team if you have any questions.

Was this article helpful?

We're sorry to hear that.

Please share your feedback on this article here

Still need help? Reach our support team here