Pleo is currently facing a phishing attempt where fraudulent SMS messages are impersonating the company, warning recipients about declined transactions or login issues. Users are advised not to share their passcodes or call any numbers provided in these messages, and to report any suspicious activity to Pleo's support team. The company has implemented measures to enhance security, including changing the sender name for SMS messages in Denmark.