Customers of the UK organisation HIDS4U have been warned of phishing emails after a database containing customer information was found online. The breach was brought to light on a PistonHeads discussion board when previous customers reported receiving suspicious emails.
The phishing email offered customers a free dash cam for their continued loyalty. To receive the free gift, recipients were asked to confirm their delivery address and pay for postage. The subject of the email is said to have contained the words ‘special delivery’ along with a fake reference number. The link within the email directed users to a website that was posing as HIDS4U’s site.
The database of breached accounts was subsequently discovered on a hacked website and included the names, addresses and contact information of more than 4,000 HIDS4U customers. It has not been revealed when the breach occurred.
An email from HIDS4U to its customers stated:
It looks like our site was breached some time ago (we’re still investigating the exact time frames) and it is this data that is being used. It looks like they have obtained email, name and address details. However please be aware that we do not and have never stored any credit/debit card details. Therefore they would not be able to take any payments from your account unless you act on the phishing emails.
The email goes on to advise those who have clicked on the suspicious link within the scam email to cancel their payment card with immediate effect.
HIDS4U also stated that it takes “website security very seriously and will once again look at any further measures we can take to ensure no further breaches are made”.
Phishing attacks are on the increase, and the success of this scam shows the importance of remaining vigilant.