I received a suspicious email and I'm not sure it's actually from Ada. What do I do?

Never send sensitive information over communication channels such as email, instant messaging, or social media, even if the message requesting information appears to be legitimate. To send sensitive information to Ada, contact us through our contact form. There have been incidents where unaffiliated third parties have sent emails pretending to be from Ada. These emails were sent to random email addresses and had no connection to our data or our systems. Ada’s emails will always come from the “ada.com” domain.

How does this happen? Phishing happens when a malicious actor tries to get you to share private information by pretending to be a legitimate company, coworker, or someone else you trust. They often look very much like official emails, websites, tweets, Facebook posts, etc, and can easily get your personal data if you’re not on the lookout. Ada will occasionally send email notifications, so it's always worth checking some key details: 

• Check the URL before clicking on a link. On a web browser, hover over the link and look at the URL that shows up on the bottom of your browser – does it start with https and point to a page at *.ada.com?
• Our emails will always come from the “ada.com” domain, and you can always reply directly to the message to get in touch with us. Never click on links, download any information, or share any personal data with suspicious, unknown sources. 
• Only type your password into websites after double-checking that it’s really the website you want, and not just one that’s made to look like Ada. Check the domain name for typos (ie, “aider.com”). Check for our Extended Validation Certificate. This usually looks like a lock next to the URL and, if you click on it, you can validate the certification and confirm that the site you are on is actually Ada’s. 
• Most importantly, stay alert. It’s always a good idea to have a strong password on your account. You always have the option to reset your Ada password.

If you suspect any message might be a phishing attempt or receive a suspicious email from Ada, please forward the full message along with the email headers (if you know where to find them) to [email protected] and ask if it is legitimately from Ada.