The 2025 Squarespace Phishing Scam — Here’s What You Need to Know

Written By Alyssa Parr

If you’ve recently received an unexpected email claiming that your Squarespace website needs “critical security updates,” “compliance audits,” or urgent maintenance, please do not reply because it’s a scam! 

Both in October and now again in December 2025, several of my clients have reached out after receiving one of these emails from a Gmail address pretending to be me. When I looked into it, I discovered that many other web designers in the Squarespace community had been targeted by this same phishing scam too.

These messages look professional enough to raise concern, but please know that they are not legitimate. As your designer, I want to walk you through what’s happening, what to look for, and how to stay safe moving forward. 

What This Scam Looks Like

Scammers have been sending emails that:

  • Pretend to be from your designer or developer

  • Claim that Squarespace is performing a “compliance review”

  • Warn that your site may be taken offline

  • Ask you to authorize an “audit” and/or pay a fee

  • Use fear-based language to pressure you into replying immediately

Here’s an example of one of the phishing emails my clients have received:

 

SUBJECT: Important updates for your Squarespace website

“Squarespace is starting a compliance review of every site… Sites that don’t meet the latest standards can be restricted or even taken offline without notice… I can run a quick compliance audit… Reply YES and I will start the audit right away.”

 

Even though this message may sound official, it’s completely fake.

Squarespace Has Confirmed: There Is No Security Incident

Squarespace’s Security team investigated and has made it clear:

  • There is no security breach

  • There is no platform-wide compliance review

  • There are no required security updates

  • Squarespace is not contacting customers about audits

  • Any emails like this are 100% fraudulent

They’ve also clarified that no third-party vendor or partner has been compromised.

So if you get one of these messages, you can safely assume it’s not from Squarespace — and definitely not from me.

How the Scam Works

Scammers have been:

  • Posing as real designers or past collaborators

  • Using “official-sounding” language

  • Urging quick action to prevent your site from being taken offline

  • Requesting permission, login info, or payment

They are counting on people reacting out of fear or confusion.

How to Protect Yourself

Here are simple steps you can take to stay secure:

  1. Double-check the sender’s email address
    Many of these scams come from random @gmail.com accounts — not business domains.

  2. Don’t click any links or reply
    Even replying “Yes” can give scammers an opening to engage further.

  3. Only trust emails directly from Squarespace or from me

    If something feels off, it probably is. Please know that my only legitimate email addresses are alyssa@luminescentdreams.com and hello@alyssastiles.com 

  4. Use strong passwords and 2FA

    Enable two-factor authentication on your Squarespace, Google, and other accounts for extra protection.

  5. Report suspicious emails

    If you use Gmail, you can mark them as Report Phishing.

  6. When in doubt — ask me

    If you’re unsure about an email, copy and paste the contents into a message to me rather than forwarding it. I’m always happy to check whether it’s legitimate, and this helps avoid passing along any potential tracking.

How to Tell If an Email Is Actually From Squarespace

Squarespace has a helpful support article here →

Legitimate Squarespace emails:

  • Come from official domains (never Gmail or generic addresses)

  • Do not ask you to pay someone unexpected

  • Do not threaten to take your site offline

If an email contradicts any of that, it’s almost certainly a scam.

Final Reassurance

Your website is safe.

Squarespace is not doing platform-wide reviews.
There are no surprise updates, compliance checks, or emergency audits.
You do not need to pay anyone for unexpected maintenance.

If anything ever comes up that genuinely needs attention, you’ll hear it directly from me — not from an unrecognized address in your inbox.

If you’ve received one of these messages or want me to review something that seems suspicious, feel free to reach out anytime. I’m here to help keep your website secure and running smoothly!

 
Alyssa Stiles, Squarespace Expert & CEO of Luminescent Dreams
 

Alyssa Stiles
Squarespace Expert & CEO, Alyssa Stiles Web Design

👩‍💻 Hire me to build or edit your website:   Custom Web Design | Hourly Edits | White Labeling
hello@alyssastiles.com

Alyssa Parr

https://www.luminescentdreams.com
Next

Website Power Audit Workshop and year-end checklist