Anyone else had an odd email today regarding a security breach at Absolute Sounds?

Clarkey_71

Well-known member
Oct 12, 2007
245
120
18,970
Visit site
I've received a very concerning email this morning from a company purporting to be investigating Absolute Sounds for a breach of GDPR.
My immediate response was to dismiss it as spam or at worst phishing.
However, by biggest concern is the fact it has my user name and password recorded in the email.
I won't respond to the email nor click any links, but how they got my data is a worry.
Anyone else had this?
I'm going to ring them (AS), but also wanted to let people know here that something is not quite right.

Just to confirm, I'm not suggesting any impropriety on the part of AS.
 
Last edited:
A private company shouldn't be doing the investigating - that falls under the ICO's remit. Unless they are being paid as part of some sort of legal challenge, but that's usually done after approaching the ICO, not before.

Change password and user name, and do so anywhere else where you use the same password, I'd suggest.

Thinking about it, whoever passed your details on to a third party is likely to be in breach of GDPR too - it seems strange to me.
 

Friesiansam

Well-known member
Assume it is spam, delete it and change your online passwords today. There may have been a breach of Absolute Sounds security and those responsible are now phishing.

Assume any such unsolicited email is spam and delete it. Scammers will try anything.
 
Last edited:
  • Like
Reactions: Clarkey_71

Gray

Well-known member
I agree that only the ICO would genuinely be investigating a data breach.

I've always customised my e-mail address by prefixing the '@' with something specifically identifiable to whoever I e-mail.
I always check incoming addresses to me.
A few years back I received junk / spam from someone using an address I can be 100% certain that I only gave to Sevenoaks.
I contacted Sevenoaks. They assured me they never pass e-mail addresses to any third party.
 
  • Like
Reactions: Clarkey_71

jjbomber

Well-known member
I've received a very concerning email this morning from a company purporting to be investigating Absolute Sounds for a breach of GDPR.
If you hover your mouse over the sender's email address in the inbox list it will tell you who it is from.

Emails are easy enough to scam. For example, if someone has a second hand item from Absolute Sounds for sale on Gumtree, it is easy enough to get the seller's listed email address.
 
  • Like
Reactions: Clarkey_71

Clarkey_71

Well-known member
Oct 12, 2007
245
120
18,970
Visit site
If you hover your mouse over the sender's email address in the inbox list it will tell you who it is from.

Emails are easy enough to scam. For example, if someone has a second hand item from Absolute Sounds for sale on Gumtree, it is easy enough to get the seller's listed email address.

I'm usually pretty diligent with this stuff and can usually recognise dodgy emails. Hence my message here, just to ensure no one else had received the same.
As I mentioned, it's the first one that's included my user name, email address and probably most concerning, my password.
It's a good effort by the scammer!
 
I’m on the AS mailing list and I’ve not had any alert from them or anyone representing them.
Perhaps give them a ring in the morning?
 
  • Like
Reactions: Clarkey_71

jjbomber

Well-known member
That is not reliable as the sender address can be spoofed but, mousing over to check any links is a good idea.
It's not very well worded either. Let's try again. Hover the mouse over the sender's name will give the email address, so check that out.

As an example, you get an email in your inbox from ''Congratulations'' with the heading 'You have won the What Hi-fi Competition'. Hover the mouse over 'Congratulations' and it may say admin@whathifii.com as the sender. That is a scam. You can tell by the spelling mistake; the ii at the end of hi-fi. So you know to report it as phishing and not open the email.

Hope that makes more sense.
 
Last edited:
  • Like
Reactions: Clarkey_71

Clarkey_71

Well-known member
Oct 12, 2007
245
120
18,970
Visit site
I’m on the AS mailing list and I’ve not had any alert from them or anyone representing them.
Perhaps give them a ring in the morning?

Yeah. I rang them today and left a message. I'll try again tomorrow.
 

Friesiansam

Well-known member
It's not very well worded either. Let's try again. Hover the mouse over the sender's name will give the email address, so check that out.
Maybe it wasn't well worded but, my point still stands, the sender address can be and often is, spoofed so, is not a reliable guide to the origin of an email.

Whatever, if you have any doubt at all that an email is genuine, assume it is not. If it purports to be from a genuine source but, you are not sure, make direct contact with the indicated source and, do not click any links in the email. If that policy seems a bit over cautious, it is supposed to be, it could save you a lot of money and hassle.
 
  • Like
Reactions: Clarkey_71

Clarkey_71

Well-known member
Oct 12, 2007
245
120
18,970
Visit site
So I assume it was a fake email?

Not on this occasion.

It seems it was an employee of a third party who had done some work on the website approx 5 years ago. For some reason they decided to hack in and email customers. The email I received was also aggressive towards AS, so perhaps some sort of grudge. They were able to access a small number of individual's personal data, but no banking details etc.

It's all sorted now, but a bit of a worry at the time.
 

TRENDING THREADS