Anyone else had an odd email today regarding a security breach at Absolute Sounds?

Clarkey_71 · Jan 18, 2021

I've received a very concerning email this morning from a company purporting to be investigating Absolute Sounds for a breach of GDPR.
My immediate response was to dismiss it as spam or at worst phishing.
However, by biggest concern is the fact it has my user name and password recorded in the email.
I won't respond to the email nor click any links, but how they got my data is a worry.
Anyone else had this?
I'm going to ring them (AS), but also wanted to let people know here that something is not quite right.

Just to confirm, I'm not suggesting any impropriety on the part of AS.

GSV Ethics Gradient · Jan 18, 2021

A private company shouldn't be doing the investigating - that falls under the ICO's remit. Unless they are being paid as part of some sort of legal challenge, but that's usually done after approaching the ICO, not before.

Change password and user name, and do so anywhere else where you use the same password, I'd suggest.

Thinking about it, whoever passed your details on to a third party is likely to be in breach of GDPR too - it seems strange to me.

bigboss · Jan 18, 2021

Why did they email you? Did they want you to change password or reconfirm details? Sounds fishy to me.

Friesiansam · Jan 18, 2021

Assume it is spam, delete it and change your online passwords today. There may have been a breach of Absolute Sounds security and those responsible are now phishing.

Assume any such unsolicited email is spam and delete it. Scammers will try anything.

Clarkey_71 · Jan 18, 2021

I think it is phishing, but it's the most detailed one I've ever received and certainly the first with all my personal details mentioned.
I think that's what has concerned me the most.

michael hoy · Jan 18, 2021

Pop your email address in this site and it will tell you of any known sites that have been compromised that held your details.

It is safe.

Gray · Jan 18, 2021

I agree that only the ICO would genuinely be investigating a data breach.

I've always customised my e-mail address by prefixing the '@' with something specifically identifiable to whoever I e-mail.
I always check incoming addresses to me.
A few years back I received junk / spam from someone using an address I can be 100% certain that I only gave to Sevenoaks.
I contacted Sevenoaks. They assured me they never pass e-mail addresses to any third party.

jjbomber · Jan 18, 2021

Paul Clarke said:
I've received a very concerning email this morning from a company purporting to be investigating Absolute Sounds for a breach of GDPR.

If you hover your mouse over the sender's email address in the inbox list it will tell you who it is from.

Emails are easy enough to scam. For example, if someone has a second hand item from Absolute Sounds for sale on Gumtree, it is easy enough to get the seller's listed email address.

Clarkey_71 · Jan 18, 2021

jjbomber said:
If you hover your mouse over the sender's email address in the inbox list it will tell you who it is from.

Emails are easy enough to scam. For example, if someone has a second hand item from Absolute Sounds for sale on Gumtree, it is easy enough to get the seller's listed email address.

I'm usually pretty diligent with this stuff and can usually recognise dodgy emails. Hence my message here, just to ensure no one else had received the same.
As I mentioned, it's the first one that's included my user name, email address and probably most concerning, my password.
It's a good effort by the scammer!

Clarkey_71 · Jan 18, 2021

michael hoy said:
Pop your email address in this site and it will tell you of any known sites that have been compromised that held your details.

It is safe.

Cheers.

Nothing since March 2019.

It's an odd one, that's for sure!

nopiano · Jan 18, 2021

I’m on the AS mailing list and I’ve not had any alert from them or anyone representing them.
Perhaps give them a ring in the morning?

Absolute Sounds International Distributors & Consultants/ Contact Us

Absolute Sounds are consultants and distributors of high end audio components from manufacturers such as Audio Research, Artesania, Constellation Audio, Copland, Dan D'Agostino, Dartzeel, dcs, DCS, EAT, Europe Audio Team, Franco Serblin Studio, Jadis, Kalista, Koetsu, Krell, Metronome...

www.absolutesounds.com

Friesiansam · Jan 18, 2021

jjbomber said:
If you hover your mouse over the sender's email address in the inbox list it will tell you who it is from.

That is not reliable as the sender address can be spoofed but, mousing over to check any links is a good idea.

jjbomber · Jan 18, 2021

Friesiansam said:
That is not reliable as the sender address can be spoofed but, mousing over to check any links is a good idea.

It's not very well worded either. Let's try again. Hover the mouse over the sender's name will give the email address, so check that out.

As an example, you get an email in your inbox from ''Congratulations'' with the heading 'You have won the What Hi-fi Competition'. Hover the mouse over 'Congratulations' and it may say admin@whathifii.com as the sender. That is a scam. You can tell by the spelling mistake; the ii at the end of hi-fi. So you know to report it as phishing and not open the email.

Hope that makes more sense.

Clarkey_71 · Jan 18, 2021

nopiano said:
I’m on the AS mailing list and I’ve not had any alert from them or anyone representing them.
Perhaps give them a ring in the morning?

Absolute Sounds International Distributors & Consultants/ Contact Us

Absolute Sounds are consultants and distributors of high end audio components from manufacturers such as Audio Research, Artesania, Constellation Audio, Copland, Dan D'Agostino, Dartzeel, dcs, DCS, EAT, Europe Audio Team, Franco Serblin Studio, Jadis, Kalista, Koetsu, Krell, Metronome...

www.absolutesounds.com

Yeah. I rang them today and left a message. I'll try again tomorrow.

Friesiansam · Jan 18, 2021

jjbomber said:
It's not very well worded either. Let's try again. Hover the mouse over the sender's name will give the email address, so check that out.

Maybe it wasn't well worded but, my point still stands, the sender address can be and often is, spoofed so, is not a reliable guide to the origin of an email.

Whatever, if you have any doubt at all that an email is genuine, assume it is not. If it purports to be from a genuine source but, you are not sure, make direct contact with the indicated source and, do not click any links in the email. If that policy seems a bit over cautious, it is supposed to be, it could save you a lot of money and hassle.

Clarkey_71 · Jan 19, 2021

Spoke to Riccardo at AS today. He confirmed they are aware of the issue and explained what has happened. It's a long story, but ultimately it's an isolated issue that is being investigated.
Cheers to all who gave advice.

James83 · Jan 19, 2021

So I assume it was a fake email?

Clarkey_71 · Jan 20, 2021

James83 said:
So I assume it was a fake email?

Not on this occasion.

It seems it was an employee of a third party who had done some work on the website approx 5 years ago. For some reason they decided to hack in and email customers. The email I received was also aggressive towards AS, so perhaps some sort of grudge. They were able to access a small number of individual's personal data, but no banking details etc.

It's all sorted now, but a bit of a worry at the time.

Anyone else had an odd email today regarding a security breach at Absolute Sounds?

Well-known member

Moderator

Moderator

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Well-known member

Similar threads

Share this page