Oops, we were hacked on Friday. Thanks to the several customers and contacts that left us know. We quickly reset all passwords, reported the attack to GoDaddy, found out that GoDaddy also wanted us to pay for new scanning of all inbound and outbound messages, as well as for blocking phishing emails originating from outside our domain, so we had to pay for that. We sent out a message to our newsletter email list alerting customers of the attack. Also, we are running Antivirus scans on our computers.
From who received the emails, it was clear the attack came from a compromised email account, rather than our newsletter or e-commerce platforms. So we have taken the step needed to secure our email accounts.
The attack was rather clumsy, with the the Subject line “IMPORTANT MESSAGE !!!”. Congratulations to all our customers with phishing training that smelled a rat. Hopefully you all did.