Square: Combating Phishing Scams

Enhancing seller confidence and combating phishing scams through effective email design

(01)

Phishing Scams at Square

In 2020, Square faced a sharp increase in phishing scams via email, leading to significant financial losses for Square sellers. Many sellers, unable to distinguish legitimate emails from scams, lost millions of dollars they couldn’t recover.

This prompted Square to double down on their fraud prevention efforts, including an overhaul of their emailing templates.

No items found.
(02)

Initial Survey Results

As an external hire joining the Risk team, I had several one-on-ones with cross-functional team members during my first week and was made aware of a recent survey that found 62% out of 1,400 effected Square sellers had difficulty distinguishing legitimate Square emails from scams due to inconsistent branding and design.

We also knew the lack of confidence from Square sellers was due to inconsistent branding and design because previous interviews were conducted and four out of the five (80%) sellers interviewed were unable to confidently distinguish between a phishing email and a real one. The lone seller was able to distinguish between the two because she had recently received a real Square email and was able to recall the design.

No items found.
(03)

Overhauling Email Design

To restore seller confidence, we aimed to overhaul Square's email templates and create a unified design system that could be easily recognized by both internal teams and sellers.

I had the unique opportunity to help define the project’s scope, working closely with a product owner, UX Writer, Product Designers, and Researchers.

To gain buy-in for this new initiative, I conducted weekly workshops with stakeholders from each department alongside my design partner to understand their specific needs, while communicating our concerns and design goals.

By analyzing the full scope of existing emails across departments, we compiled a comprehensive list and identified inconsistencies. This foundation set the stage for creating a cohesive and modular email design system.

No items found.
(04)

Design and Testing

Leveraging the Market design system, I created a set of revamped email templates that adhered to familiar patterns. These designs emphasized consistent headers, bodies, and footers to ensure uniformity across all departments.

Through weekly design critiques and close collaboration with the design system team, I was able to create a set of redesigned emails that could be tested against the original.

No items found.
(05)

Research & Iterations

Collaborating with UX researchers, we conducted qualitative usability tests, comparing new emails with the originals. Initial results showed a 25% improvement in sellers' ability to identify legitimate emails. Based on user feedback, we refined the designs further, focusing on modular components for scalability. The refined designs were then tested in a large-scale survey to quantify their effectiveness, with promising results indicating a significant boost in user confidence.

No items found.
(06)

Scaling for Consistency

To serve Square's large-scale organization, we distilled the vast array of email layouts into modular components for headers, bodies, and footers. This mini design system allowed for flexibility while ensuring consistency and recognition across all emails.

Using Figma, we designed and documented these components, which were then implemented through Contentful for faster deployment. The result was a scalable system that streamlined email design across the company.

No items found.
(07)

Results & Impact

Six months after launch, the results spoke for themselves:

  • Seller Confidence Soared: An 82% confidence score in identifying legitimate emails, a 22% increase from earlier surveys.
  • Phishing Attempts Decreased: A 12.5% reduction in reported phishing cases, highlighting the effectiveness of consistent design in deterring scams.

These changes not only reduced financial losses but also strengthened trust between Square and its sellers, fostering long-term relationships.

No items found.
(08)

Lessons Learned

This project demonstrated the critical role design plays in enhancing security and trust. By creating a consistent and recognizable email system, we empowered sellers to confidently navigate communications and reduce vulnerabilities to phishing scams.

If I had stayed longer, I would have liked to explore why the new designs worked so well—did they truly deter fraudsters, or did the landscape of phishing shift?

Overall, this experience reinforced the importance of collaboration, iteration, and the intersection of design and security.