Anyone else had the email from PHd offering a free bag ?
One of the better scam emails I've seen, but a free PHd bag certainly sounded too good to be true !

Now concerned about what other personal data PHd had that are now in the hands of some Russian criminals...

Not had the scam email but just after reading your post I received this from PHD.

"We have been alerted that some of our customers have been targeted by a spam email telling them they have won a sleeping bag and asking them to claim the bag by paying for postage.

This email did not originate from PHD.

We will never ask a customer to pay for postage to claim a prize.

The PHD Team"

Yes I got the email then later on got the spam.
Very pissed off as to how my details were given out but also very confused as to why both emailed came from the very same email address.
I've emailed them back asking how these 2 things could have happened

Basically email spoofing, it's not the originating email address that's important but the links within the email, clicking on them could install malware etc.

Blimey. A properly niche phishing expedition.

Yep got the free sleeping bag offer and straight after one from PHD issuing the warning
( I wasn’t going to click that link - no way)

But John’s right, there must have been a breach somewhere for them to get access to PHD’s customers, but I wonder if that breach happened not within PHD’s systems but sub-systems which its system has used....

which is no excuse and is not good enough.

PHD should investigate AND let people know what happened (without giving anything away if that’s possible)

Depending on the systems involved it might not be immediately apparent what the entry point was. The server logs should give a clue but the breach might have been some time ago and the criminals have been waiting to send out the spam. They could have been trying to crack passwords for example. Interesting/strange that they didn't spam everyone so there might have been some filtering going on - nothing appeared in my spam folder (several other ones appeared today but not one from PHD).

Clever though...

Hack PHD small company with probably not the greatest IT and fairly high value products... pick up a few 1000 emails and send a phishing scam asking for postage.

PHD need to acknowledge how they got the customer email addresses though.

Email just in from PHD...........

Dear PHD Customer

Unfortunately, as is increasingly common these days, PHD have been targeted by hackers. They have stolen some of our customers’ email and postal address (but NOT debit/credit card details).*

They also targeted our website with a distributed denial-of-service attack.

If you have received an email asking you to pay for postage to receive a free sleeping bag, DO NOT input your debit/credit card details. This is a phishing email intended to try to harvest your debit/credit card details.

If you have inputted your debit/credit card details on the phishing website to try to claim the free sleeping bag, please contact your bank as soon as possible to tell them that your card details may have been stolen.

We have already spoken with a security expert, the UK police and our web hosting company and are working hard to find out more about how this attack took place.

The PHD Team

[Apologies for cross-posting, but we wanted to make sure all our customers received the latest information on this attack as soon as possible]

* We do not hold any of our customers’ debit/credit card details. All transactions are passed through our payment provider PayPoint.

Matt wrote:Clever though...

Hack PHD small company with probably not the greatest IT and fairly high value products... pick up a few 1000 emails and send a phishing scam asking for postage.

PHD need to acknowledge how they got the customer email addresses though.

Probably a script that tests every business/site for unpatched vulnerabilities. A DDOS attack on such a business is unusual though unless there was some form of blackmail following it.

This email just came through:

"Following up from the emails we have sent over the last few days about the hacking attack on PHD’s website, we are writing again with some new information.

The database that the hackers gained access to included the passwords (in encrypted form) used by PHD customers to login to their account on PHD’s main website.

If you are a PHD customer who has an account on our main website we would, therefore, advise you to change your password. Furthermore, if you use that same password on other sites we would advise you to change it on those sites too.

We have taken extra security measures on our website and both the web hosting company and the Cybercrime unit for North Yorkshire Police are currently investigating the situation.
"

Anyone know how long delivery takes on the free bag? Can imagine they've got a lot of demand!

In Reverse wrote:Anyone know how long delivery takes on the free bag? Can imagine they've got a lot of demand!

If you give me your address, credit card details, Mothers maiden name, DoB, then I'll find out for you Andy !