Phishing attack hooks ADI customers

Sydney-based wide-format printer and display supplier ADI Displays has been hit with a cyber security breach affecting more than 1000 of its customers.

Two compromised staff email accounts were used to send out a phishing email (pictured below) to their contact lists, which contained links to a bogus site that asked for customer login details. According to ADI’s William Qian, the company acted quickly upon receiving calls from customers.

“We also received a notice from our email provider, who stopped processing emails from those accounts and reset our details so we could log back in.

“There’s been no financial damage to us, but we advise our customers to change their passwords if they entered them into the fake site,” he said.

Qian told Print21 that ADI has updated its password policy to ensure staff members now change their passwords regularly to prevent a re-occurrence.

“We’ve also adopted two-factor authentication, which sends a code to your mobile when you try to log in. Even if someone gets your password, without the code sent to your phone, they can’t log in,” he said.

Phishing is a type of cyber-attack that relies on enticing victims to enter their details into phony sites; when targets give up their login details, those are used for fraud and identity theft. Security software provider Emsisoft urges internet users to be aware of suspicious messages.

“Be cautious when clicking on links in any emails, text messages or instant messages – even if they seem to be sent from a familiar or trustworthy source. Hover over links before clicking on them to check that the URL leads to a legitimate website, and never divulge your password, PIN number or other sensitive data.

“If you’re in any doubt, double check with the sender before clicking anything suspicious,” the company said.