Search our Knowledge Base

Fraudulent emails or suspicious looking emails

(last updated on 2/16/2015) Email Format sends emails in HTML format, which includes formatted text and graphics, giving you a better user experience. Our system sends notifications both as HTML and Text-only formats to your email program, so if you have configured your email viewer to receive Text-only emails, you will not miss any messages.

A few reminders about Emails:

  • Our email notifications will include the first and last name you registered with on your account, and your User Name.
  • We NEVER include attachments to our emails.
  • sends notification emails regarding your account activity, such as buying or selling an item, bidding activity, support issues, and monthly statements. All of your activity can be verified by logging directly into the site and clicking My GunBroker.
  • You are always required to log into the site to view any pertinent information, including Buyer/Seller full contact information.
  • emails will not include a name of a third party agent to accept payment, nor links to 3rd party services to pay for your item. All transactions require the user to log into the site.
  • does not send out "second chance" offers.
  • We will never ask you for your password, social security, bank, credit card or other information via email. In the event of a billing problem we will only ask you to confirm the last 4 digits of a credit card number. We will never ask you to call a telephone number.
  • We send out emails containing links, but all links should begin with http or https and look like: There should never be any long string of numbers (ie. or % signs in the URL. After clicking a link in an email, you must verify that the Web Address URL shown on the web page in your web browser is still the same as it should be.

You can always double check the validity of your activity on by logging on to directly, and accessing My GunBroker.

Please see this FAQ on examples of fraudulent emails that have been reported.

How to protect yourself against Fraudulent/Phishing emails:

Fraudulent emails, commonly referred to as "Phishing", are designed to trick the user into giving out personal information, sending funds, or exploiting your browser. These emails may have attachments that when clicked, can install malicious software.

These emails are sent by a fraudulent third party and are not sent from our company, even though the email may appear to come from our web site. These fraudulent emails may even appear to be from an email address, and may even include official-looking privacy statements, our logo, and/or parts of our User Agreement. Because of the way Internet Email works, it is very easy to send emails with a fake return email address of any web site. Since these emails do not originate or pass through our computer systems, we are not able to prevent them.

The fraudulent email may contain a file attachment, may ask you to enter your username and password, may ask you to send money via third party agent, or it may contain web links which direct the user to a bogus website that is made to look like the legitimate site. The email may also state that you have a limited time to respond, and that your account will be suspended if you do not act immediately. These types of emails are a scam.

Examine links in email before clicking

Before clicking on any link, get in the habit of checking the link URL before clicking.

Hover your curser (don't click!) over the link or graphics in your email. A small pop up bar will reveal the true web address below the link embedded with the email.

In the examples below, the links reveal the REAL destination URL. The string of numbers and other addresses look nothing like the actual web address. The links may even include "gunbroker" at the end of the address. This is typically a folder or page hidden on a hacked server.

Examples of Masked Links:
example of masked web addresses

Always verify the Web Address URL

If you logged into our website and the address bar in your web browser began with, you were on our website and your actions were secure. After clicking a link in an email or from another website, always double check that the Web Address URL shown on the web page in your web browser is the site you intended to visit. Better yet, type in the URL by hand.

When in doubt, check account activity directly with

All of your activity can be verified by using the My GunBroker section of the site. Log into and click My GunBroker at the top of the page. For strongest security, type in in your internet browser to visit our site, or keep it bookmarked.

Change your Password

If you feel your account has been compromised, change your password.

If you are unable to log into please reset your password.


Read the MailFrontier Field Guide to Phishing:

Read this information from the FTC about phishing: