Why this matters
Impersonation scams are common, and corporate services clients are a known target. A scammer pretending to be Cosmos can ask for documents, redirect a payment, or trick you into giving up account details. Knowing what real Cosmos communication looks like, and what fake communication tends to look like, protects you.
Where real Cosmos messages come from
Cosmos communicates with you through the in-platform chat and through email. Real emails from Cosmos come from addresses on cosmos.global. The most common are messages from named members of the team using a cosmos.global email address, automated notifications from a no-reply or notifications address on cosmos.global, billing receipts from our payment provider Stripe on behalf of Cosmos, and privacy or compliance correspondence from [email protected] or [email protected]. Any message claiming to be from Cosmos that does not come from a cosmos.global address, or a clearly identified Stripe receipt, deserves a second look.
What real Cosmos communication does not do
It does not ask for your password.
It does not pressure you to act urgently on something you did not initiate.
It does not ask you to redirect a payment to a new account at short notice.
It does not ask you to confirm your full payment card details by email or chat.
It does not ask you to install software, share your screen with an unknown person, or click through to verify your account from a link in a surprise message.
If a message claiming to be Cosmos does any of these things, treat it as suspect.
What to check before you act
Before clicking a link or replying with information, three quick checks rule out most fakes:
Look at the sender address. Not the name, the actual email address. cosmos.global is real; lookalike domains, such as ones that swap or add a letter, are not.
Hover over a link before clicking. The real destination should also be on cosmos.global or a recognised provider. If it points anywhere odd, do not click.
If in doubt, come to us directly. Do not reply to the suspect message. Open Cosmos in your browser yourself, or start a chat with us, and ask whether the message is genuine.
If you have already responded
If you have already clicked a link, shared information or signed in to a site you are unsure about, do not panic, but do act quickly. Change your password, sign out of all sessions, and tell us. See If you think your account has been compromised.