At approximately 1130amET on November 6, 2025 an email account of one of our staff members was compromised. The affected account was quickly contained but several phishing emails were sent purporting to be from PaymentEvolution Support and/or this individual. This message included a link to a OneDrive document that prompts you for Office 365 credentials to open the message.
DO NOT OPEN THE ATTACHMENT OR CLICK THE LINK
This message is a phishing attempt. PaymentEvolution will not send you encrypted or macro-enabled Word documents - or send emails with links requiring your Office 365 credentials.
FAQs
Was my personal information compromised?
If you received a message, your email address was exposed but no other personal information, bank details or pay history has been affected. Your PaymentEvolution account has not been affected.
What has PaymentEvolution done to stop this phishing attempt?
Our engineering team has isolated the affected user and system. Our network, storage and other computing facilities have not been affected. We are informing all clients as a precaution. Additional malware intrusion systems have been brought online and we're continuing to monitor all systems and services for other attempts.
What can I do to improve the security of my email and systems?
Use common sense - do not open attachments or provide your personal information / credentials to anyone you do not know. Masquerading or credential farming is a method of social engineering aimed at collecting user credentials. Do not provide these credentials and confirm with the sender if unsure. Practice good password hygiene - change them often and make them difficult to guess.
Thank you for your patience and understanding. If you have any questions please get in touch - support@paymentevolution.com