How can I keep my account safe and secure?
The best way to keep your account (and the data within it) secure is to make sure that you never provide your login information to anyone else. When someone has your login credentials, they gain complete control over your account and all your subscriber information.
A big part of keeping your login information secure is to keep a sharp eye out for phishing attempts or other social engineering tactics--essentially, make sure that people and websites that you're entrusting with your information are who they say they are.
What is phishing?
Phishing is a method used to commit identity theft by tricking users into giving away their login information, passwords, and other sensitive information.
This is generally done by sending an email or other message to a user claiming to be from a representative of a company, directing them to a site which looks like the company's site, then asks them to provide their login information. This information can then be used to access the user's account.
How do I know I can trust an email from AWeber?
First, look at the from address on the email. Anyone from AWeber will have an email address that ends in "@aweber.com".
Even if an email looks like it is coming from "@aweber.com," make sure that the actual links in the message are taking you to aweber.com - not some other website. Take a look at the next section for more detail.
When should I feel safe providing my login information?
The short answer is: when you're on AWeber's web site. So how can you be sure you're only providing information to us directly?
Make sure that the URL that your browser displays starts with:
Note: https://auth.aweber.com is the URL you will be directed to when authorizing an integration, like the AWeber for WordPress plugin. https://labs.aweber.com/ is typically used by developers who are coding integration through AWeber's API.
If it starts with anything else (again, check for misspellings!), it may be best to contact us.
Here are some examples of what those URLs will look like in different browsers:
When in doubt, simply type "aweber.com" directly into your browser to ensure that you are visiting the correct site.
What can I do if my login information has been compromised?
If you suspect that you have fallen victim to a phishing attempt, or that someone has gained access to your account via some other means, you should immediately take these steps:
- Change your password
The first thing to do is change your password - the quicker the better. Log into your account at https://www.aweber.com/login.htm, then go to your profile settings to change your password.
- Check your account settings
After changing your password, check to make sure that everything is still as you want it in your account. It's especially important to make sure your contact information hasn't been changed.
- Contact us
Finally, contact us - let us know what happened and when, so we can take steps to prevent abuse of your account as well as any others that might have been targeted.