The following require a mandatory SureCircle challenge. No exceptions, regardless of how convincing the caller appears or how senior they claim to be.
Financial
- Any request to wire funds, initiate a payment, or authorize a financial transaction
- Any request to change payment-account details, banking info, or vendor payment routing
- Any request to purchase gift cards, prepaid cards, or cryptocurrency on behalf of another person
Credential & Access
- Any request to reset credentials, provide an MFA code, or install remote-access software
- Any request to grant system access, change permissions, or share sensitive/confidential data
Identity & Behavioral
- Any request from an executive who cannot be reached through normal channels
- Any video call where a financial or access action is being requested
- Any caller creating artificial urgency or instructing you not to discuss the request with others
- Any inbound contact from a “bank” or “vendor” (rather than you initiating the call)
When in doubt, challenge. A 30-second verification has never caused a loss. Skipping one has caused losses in the tens of millions.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article