This morning we were made aware that our company name and address were used on a cleverly-crafted spoofed email designed to phish usernames and passwords from recipients. This email was not sent by Allparts Music Corp. There is no hack or data leak. Any information of yours that we have is secured by encryption and/or offline storage.
Always keep the following in mind:
1) Allparts will never, ever send an email to you that contains links to a login page.
2) Always go to https://www.allparts.com to reach us. Your browser's address bar or its text will turn green, you will see a lock icon, and your connection to Allparts will be encrypted on every page of our webstore.
3) Generally speaking, do not use the same password for different websites. This is not as difficult as it sounds; try Googling something like "create password with formula" - the first few search results will be articles with great advice on how to do this.
Below is a screenshot of what this email looks like along with some of my comments on how to identify it as fake:
Note the following:
- The email appears to come from allpart.com - we are allparts.com (with an S). More sophisticated spoofs can make this look legitimate though, so always be aware and cautious in identifying the sender of new email.
- The text hyperlink behind HERE goes to a page on http:// www. beronienergy .com (don't bother going there) - which is definitely not https://www.allparts.com. In fact, it is a fake a energy company. :(
- If you are a long-time Allparts customer then you would recognize that the text and formatting of this message is very different from what we send to customers.
Please report any future suspicious emails involving Allparts Music Corp. to us by visiting our contact page at allparts.com/contact. We are grateful for the attention of those who reported these emails to us and offer our many thanks for your continued.
- Dean P., IT Manager