At Rebel, your security is our top priority. As the industry evolves, phishing attempts—where attackers impersonate a trusted company to steal credentials—are becoming more sophisticated. To "win every fight," we need to stay one step ahead together.

1. How to Identify a Phishing Email

Before clicking any link or taking action, perform these three security checks:

Check the Sender Address

Do not trust the "Friendly Name" (e.g., "Rebel Support"). Attackers often spoof the display name.

• The Golden Rule: Official Rebel communications will always end in @rebel.com.

• Our Standard: Automated alerts typically come from no-reply@rebel.com.

• Pro-Tip: If you are using webmail, click on the sender's name to reveal the actual email address behind it. If it doesn't end in @rebel.com, it is a scam.
   

Inspect the Links

Hover your mouse over any button or link (without clicking!) to see the destination URL.

• Red Flag: If the link looks like https://asendmail.com/rebel.com... or any domain that isn't rebel.com, it is malicious.

• The Reality: Rebel does not send unsolicited "Account Verification" links. The only time you will receive a verification link is if you are currently in a live conversation with our team and we have explicitly told you we are sending one.
   

Trust Your Instincts

If an email feels "weird," urgent, or threatening, do not take chances. It never hurts to double-check.

2. How to Report a Scam to Rebel

If you receive a suspicious email, please report it to us before you delete it or mark it as spam. To investigate and take down these fraudulent sites, our security team needs the Email Headers or the Source Code.
 

Option A: Send us the Email Header

Headers contain the digital "fingerprints" of the sender. You can find instructions on how to view and copy headers for your specific mail client here:

• Classic Outlook - View internet message headers

• New Outlook 365 - View internet message headers

• Thunderbird (Mac) - View Full Message Headers

• Thunderbird (Windows) - Check Email Headers

Option B: Using Rebel Cloud Mail (mail.rebel.com)

If you use our webmail service, reporting is easy:

1. Log in to mail.rebel.com.

2. Open the suspicious email.

3. Click the three dots (More Actions) in the top right.

4. Select Save as file (to send us the .eml file) OR select View Source and copy the text to paste into a chat or email to us.

3. IMPORTANT: The "Cloaking" Tactic (Disclaimer)

Phishing attacks have become highly targeted. Our System Administrators have identified that these specific attackers use "cloaking" technology to hide their malicious pages from security teams.

• The "Resource Limit" Trick: If you access the link from a corporate network, a VPN, or from outside of Canada, you may see a message saying "Resource limit exceeded" or be redirected to an innocent-looking webmail login page. This is a tactic used to hide the scam from researchers.
   

• The Target: The malicious content is often designed to only appear for users on Canadian residential internet connections.
   

• The Trap: If you are at home in Canada, the landing page will look identical to our official Rebel.com login page. They have carefully copied our design to trick you into entering your credentials.

Do not be fooled: Just because a link appears "broken" on one device doesn't mean it isn't dangerous on another. If the URL doesn't start with https://www.rebel.com, it is a trap.
 

4. Need Verification? Contact Us Right Away

If you are ever unsure, contact us through our verified channels before interacting with the email. We would much rather confirm a legitimate email for you than help you recover a compromised account.

• Live Chat: Start a Chat (Mon-Sun, 8am-10pm ET)

• Email: service@rebel.com

• Phone: 1-844-548-2157

Don't risk it. Let's win the battle against phishing together.