Security is a shared responsibility — and knowing what not to trust is one of your best defenses. This page outlines three essential principles to help you and your team stay protected while using Moss.
What Moss Will Never Ask You
If you receive a message, call, or email claiming to be from Moss and it asks for any of the following, it’s fraudulent.
Moss will never:
Ask for your password, PIN or any authorisation code (e.g. one-time password (OTP))
Ask you for access to your device or to install remote access software (like AnyDesk or TeamViewer)
Ask you to communicate with Moss via WhatsApp or other similar messaging services.
Ask for your full card details (PAN, CVV, expiry date)
Ask you to make urgent transfers or payments outside of approved workflows
Contact you from free or unverified email domains
Pressure you to act urgently outside of the Moss platform
These are red flags. Stop immediately and verify the request through official channels.
How Moss Protects Your Data
Moss is built for financial control — and that includes safeguarding your data at every step.
We implement:
End-to-end encryption for all data in transit and at rest
Tokenization to protect sensitive card and payment data
Role-based access and approval workflows to control spend visibility
Continuous infrastructure monitoring with near-100% uptime
Certified compliance with SOC 2, ISO 27001, and GDPR standards
Every login, transaction, and user action is traceable — with built-in safeguards to detect anomalies early.
How to Contact Moss Safely
Always use one of the verified channels below to contact Moss. If anything feels off, stop and double-check.
Trusted contact points:
In-app support chat (fastest and most secure)
Your dedicated Moss Customer Success Manager (if assigned)
Emails from the @getmoss.com domain
Note: Email addresses can be spoofed. If something looks unusual — the tone, formatting, or urgency — do not click, but contact Moss directly.
Our official website:https://www.getmoss.com
Never trust:
Emails from Gmail, Yahoo, or personal domains claiming to be from Moss
Phone calls asking for card details, passwords, authorisation codes or remote access
Urgent instructions that bypass Moss workflows or approvals
Need to report something suspicious?
Forward the message to: support@getmoss.com
Or start a secure chat via the Moss app
We take every report seriously and will investigate and follow up directly.