Sometimes, people create fake emails which imitate the Wallapop design. Their aim is to use these means to steal personal information, such as passwords or invoices. This practice is known as "phishing" or "spoofing". Often the ultimate goal is to scam users by simulating fake transfers or Wallapop security messages.
Be very careful if you're asked for confidential information through an email that looks like Wallapop.
Learn how to identify fraudulent emails
By making an email look realistic, scammers hope to trick you into shipping the product or providing them with personal information that we would never ask for. Here are some tips to help you identify them:
- Wallapop or wallapay logo.
- Fake email address in the "From:" field.
- Text originating from emails sent by Wallapop, such as a shipment or payment confirmation.
- Spelling mistakes or strange expressions.
- Occasionally, some form of police badge.
Verify that it comes from a Wallapop domain
Fraudulent emails try to give the impression of coming from Wallapop and the best way to identify them is by looking at the domain which they're written from.
All Wallapop emails are sent from official domains, which means that they will only come from email addresses with the following domains:
- @wallapop.com
- @ban.wallapop.com
- @info.wallapop.com
- @news.wallapop.com
- @report.wallapop.com
If you've received an email from any other address, it's not from Wallapop.
Can the tone of the message be indicative of attempted fraud?
Yes, fraudulent emails and websites often send messages with an urgent tone that may threaten to suspend the user's account if they do not provide certain data immediately.
If you have any doubt about the authenticity of a profile, please report it so that we can review it through the same chat. Here you'll find the instructions to do so.