Docs
APIs & SDKs
|
Create account
Sign in
Verify you are on an official Stripe webpage
Fraud

To verify that you are actually on Stripe's website, you can check that the domain you are on is one of the following:

  • stripe.com
  • stripe.dev
  • stripe.events
  • stripe.global
  • link.com

If you are unsure, follow this procedure:

  1. Look at the text displayed in the address bar. This is the URL.
  2. If the URL starts with https://, ignore this portion of the text in subsequent steps.
  3. Find the first / in the URL. If you see it, ignore it and everything that comes after in the URL.
  4. Check that the remaining text is either stripe.comstripe.events, etc., or it ends with .stripe.com.stripe.events, etc.

Example on Google Chrome

Example Chrome address bar

Here, Chrome doesn't show the https:// prefix in the URL. However, it does show /dashboard. This should be ignored since we are ignoring the first / in the URL and everything that comes after. Finally, we find that the remaining URL ends in .stripe.com, meaning this is a legitimate Stripe webpage.

Example on Firefox

Example Firefox address bar

Here, Firefox shows the https:// prefix, which should be ignored. Then, we also ignore /login since we are ignoring the first / in the URL and everything that comes after. Finally, we find that the remaining URL ends in .stripe.com, meaning this is a legitimate Stripe website.

Example on Safari

Example Safari address bar

Here, Safari, by default, doesn't show the https:// prefix and hides the / and everything that comes after in the URL. We note that the URL ends in .stripe.com, meaning this is a legitimate Stripe website.

Example URLs

These are real Stripe URLs:

  • https://dashboard.stripe.com/login
  • https://stripe.com
  • dashboard.stripe.com/payments
  • https://connect.stripe.com/express_login

These are not real Stripe URLs:

  • https://dashboard-stripe.com/login: the portion left after removing https:// and /login does not end in .stripe.com (notice the hyphen). This is a phishing site.
  • dashboard.stripe.com.example.com: the URL ends in .example.comnot .stripe.com, so this is a fake website. (There is no https:// prefix or / to remove.)

Additional Information

Did this answer your question?
Related articles
Verified Stripe Domains
Phishing attacks happen when a malicious source tries to get you to provide private information by pretending to be a legitimate company, colleague or…
Account
·
Fraud
Privacy practices for refunds to end customer bank accounts (end customers)
What is Stripe? Stripe builds technology that's used by millions of companies around the world such as Amazon, Google and Zoom. We help with…
Refunds
Introduction to fraud and disputes in Mexico
Stripe is a payment processor Stripe is a payment processor and not a digital wallet. When choosing a payment processor, you'll be responsible for…
Disputes
·
Fraud
Popular topics
1099
Account
Atlas
Billing
Connect
Disputes
Getting started
Invoice
Payments
Payouts
Privacy
Refunds
Taxes
Third-party integrations
Verification
Popular topics
1099
Account
Atlas
Billing
Connect
Disputes
Getting started
Invoice
Payments
Payouts
Privacy
Refunds
Taxes
Third-party integrations
Verification
What is Stripe?
Learn more about Stripe and our products.
Stripe docs
Get familiar with the Stripe products and their features.
Contact Sales
Talk to our team for questions about Stripe capabilities and pricing.
API reference
Explore complete reference documentation for the Stripe API.
Developer chat on Discord
Chat live with other developers on the official Stripe Discord.
© Stripe