Bogus PCI emails

Anyone who owns websites will get bogus emails about domain name expiration. New to the scam list are these emails about PCI (Payment Card Industry) compliance. This is an email to a website that does not collect any credit card or other user information. So there is no merchant processor to be non-compliant with.

They start by claiming to be your PCI service provider, which they are not. Then they threaten fines, which they guess at.

We appreciate providing your PCI services.

Unfortunately your PCI service has expired, and you are now eligible to receive non-compliant fees from your merchant processor. These fees are between $19.95 and $39.95 per month; potentially from $240 to $480 per year.

This non-compliance fee may show on your merchant statement as “NON-RECEIPT OF PCI-DSS VALIDATION FEE” or “PCI NON-COMPLIANCE FEE”.

We can help you stop paying PCI non-compliance fees by successfully reporting your compliance to your merchant processor.

Call immediately at (800) 557-4684 to continue your PCI compliance program and we will:
– review your PCI compliance requirements
– provide options to simplify your PCI process
– answer any questions or concerns
– help you save on PCI related costs

If you have questions, please call us at (800) 557-4684.

Thank you,
SecurityMetrics
compliance@securitymetrics.com

One Reply to “Bogus PCI emails”

  1. Rec’d an email from Security Metrics with the mentioned fines, support, etc. I need to confirm if this is really bogus. Our institution deals with reputable banks and firms so I’m confident of compliance but would like to put a stop to this if it’s bogus.

    Appreciate any thoughts,
    –Tony

Leave a Reply

Your email address will not be published. Required fields are marked *

*