Dear Customer,
We are currently aware of a number of phishing emails that have been sent out to some of our customers containing the following copy and a link to “Validate my account”
“Due to many unread messages in your mailbox, please confirm that you are the owner of this webmail and follow the instructions in the link below to avoid suspending your subscription”
These emails were not sent out by Krystal and should be deleted if received. Please do not enter your personal details or credit card information using the link.
The emails, which use a template similar to legitimate Krystal emails, appear to have included a link that redirects to a Krystal branded login page using a third party domain. Once entering details into the login fields, the user is requested for personal information including credit card details.
Legitimate emails from Krystal will always have a "From" address on our own domain (krystal.uk) and will include your name at the start. If you are not expecting an email from us, we recommend you always check for both of these things.
More information on phishing attempts and how to recognise the emails can be found on our blog here: https://krystal.uk/blog/post/how-to-recognise-and-combat-phishing
The messages we have seen are sent to <name>@domain.com rather than any specific address linked to your accounts with us and we are continuing to monitor the situation.
We have no evidence to suggest there has been any compromise of any of our systems or databases.
If you do receive an email of this nature, please do feel free to get in touch with us to verify its legitimacy. You can forward suspected phishing emails to phishing@krystal.uk which will help us to provide appropriate advice to customers.
We do apologise for any concern this may have caused.
Kind Regards
David Kimberley
Chief Operating Officer
|