Security

Security is a priority at Rulevolution, but it’s also important that you also take your own steps to help safeguard your data.

Keep your account safe

What you need to know

Your Rulevolution account may contains lots of sensitive data

  • Personal data may include supplier and customer information or even (depending on your application) personal identification numbers, salary and wage information,
  • Information on other businesses,
  • Your business data perhaps including financial data.

If you think you’re the victim of a phishing email or fraudulent activity relating to your Rulevolution account, contact Rulevolution support immediately.

If you think your login details are known by someone else, change them as soon as possible and examine the audit trail to check for unauthorised activity.

Make sure your Login is secure

Create a strong password

You identify yourself when you enter your email address and password to gain access to the data stored in your Rulevolution account.

When you log in to Rulevolution, check that the website in the address bar displays the padlock symbol. The padlock indicates that your username and password are encrypted.

To ensure your password can’t be cracked or guessed, it should be:

  • More than 8 characters long,
  • A mixture of upper case letters, lower cases letters, numbers and special characters,
  • Different from your other passwords,
  • Unrelated to your personal life – don’t use the name of your pet or child.

To create a password that is secure but not easily forgotten you can use a passphrase – a sequence of words that you can remember but is hard for someone else to guess.

Password managers can also very useful in creating and storing multiple strong passwords. You only need to remember one password to access the manager, which securely stores all your usernames and passwords.

Don’t share passwords or use shared login accounts

Never let anybody else know your password, even when you need help with a problem.

  • Each user in your organisation should have their own account so there’s an audit trail of access and data changes. This is in line with Rulevolutions terms of service,
  • We’ll never ask for your login details.

Set up multi-factor authentication

If enabled for your account – we recommend you add a second layer of security to your Rulevolution account by setting up multi-factor authentication (MFA). You need to set up MFA using your own Rulevolution login details. 

When you log in to Rulevolution, you enter your email address and password. Rulevolution will then prompt you to authenticate using an authenticator app.

Depending on the app you use, you either authenticate by using a push notification or by entering a code generated by the app. You can use a backup method if necessary.

Once enabled, even if someone discovers your password, they can’t access your Rulevolution account without also having access to your phone or backup method.

Be aware of fake sites

We have been alerted that there are websites out there that pretend to be Rulevolution or Rulevolution support but are fraudulent or malicious. It can be hard to tell if a site is fake, but some clues are:

  • Check that the website in the address bar ends in rulevolution.com, and either displays the padlock symbol or (newer Chrome) when you select View site information the browser says the Connection is Secure,
  • It lists a phone number you can call for support. We offer online support and we don’t have a support phone number,
  • The site charges additional for support. Rulevolution offers unlimited free email support (and other options depending on your subscription level) as part of your subscription, we will never levy additional charges for support,
  • The site offers support for other products or services unrelated to Rulevolution,
  • You’re asked for your login details. We will NEVER ask for login details and you should never share them with anyone.

Be mindful of phishing emails

A phishing email looks like it comes from a legitimate source but fraudulently tries to get you to provide sensitive information, such as your password or credit card details. These emails may also try to infect your device by trying to get you to click a link that goes to a malicious website or attachment.

Suspicious messages are sent to Rulevolution and non-Rulevolution customers alike. Scammers have no way of telling who might be a Rulevolution customer. They usually get email lists from the internet and target all email addresses on the list.

These emails often pretend to be invoice reminders, billing notifications or verification messages.

Scammers want to avoid raising suspicion, and attempt to make their malicious messages look convincing by:

  • Using real company logos and similar visual styles,
  • Sending from an email address that looks legitimate,
  • Using names and language that sounds authoritative or demanding.

A genuine Rulevolution email will always come from a rulevolution.com address. However, scammers have tools that allow them to impersonate legitimate domains like ours.

That’s why it’s also important to consider the message’s context and content. If you receive an email from Rulevolution that seems unusual or unexpected, please contact support for verification before acting on any content. We will NEVER ask for login details and you should never share them with anyone.

Malware & Ransomware

There’s been a increase in cybercriminal groups targeting financial institutions and business platforms (such as Rulevolution). They’ll use phishing tactics to impersonate our services, and send you malicious files (even fake pdf invoices) to open.

Clicking a link, downloading a file, (or just opening certain files) from these phishing messages can infect your devices with malware or ransomware.

Malware has the ability to monitor your activity without you knowing, and provide remote access to your infected device without your knowledge. Ransomware goes a step further, by locking you out of your devices or encrypting your data until you pay a hefty ransom fee.

In either case, your sensitive data and personal information will be at risk of theft, exposure or loss. It is very rare that even if the ransom is paid, that access is returned to the systems or data.

Rulevolution take great care with anti-malware, anti-virus and staff training for our platform, however criminals may pretend to be Rulevolution in order to install malware to access/encrypt your other systems and data.

How can you protect yourself?

As a Rulevolution customer you need to watch out for any phishing attempts that are may be impersonating Rulevolution (or other suppliers):

  • Beware that attackers will use Rulevolution branding and colours to make their messages look convincing.
  • Check that the sender’s address ends in rulevolution.com.
  • If possible hover over any links to check the real web address behind them.
  • Pay close attention to that web address, especially around the rulevolution.com part.
  • Only click a link (or download a file) if you’re certain that you trust the source and are expecting it.
  • Only reply if you’re sure the sender is genuine, and be cautious about providing any personal information.
  • Please forward any suspicious messages with Rulevolution branding to security @ rulevolution.com 

It’s a good idea to have anti-malware/anti-virus software installed on all your devices, to protect you from any malicious downloads. You’ll also want to follow the steps above to keep your account safe.

Help keep your data safe

Scroll to Top