The primary purpose of this message is to inform all of our customers to be very aware of the malicious attacks that you are subject to by having an email account and to inform you how to best avoid being a victim.
In the past week we have been bombarded by compromised customer email accounts. When our systems track an unusual amount of email being sent from one of our customer’s accounts, they automatically lock down the account to prevent it from sending more outbound email. After that, our support team is working as fast as we can to inform customers of their account status and to help them reset their passwords.
How are our customers being compromised?
The attacks that are affecting our customers today are from an unknown source who is sending out messages to our entire base of email accounts in an attempt to get users to provide their passwords. This type of attack is called“phishing”. Its primary objective is to obtain the users’ email account passwords for the purpose of using their account to send out large amounts of email while masking their own email account. These illegitimate email messages are called SPAM.
In this latest round of attacks, the perpetrators are sending out very convincing emails to our customer base requesting that they click on a link embedded in the email and then requesting that they login to their account by providing their username and password in the fields provided. These emails include the Impulse color scheme and the company’s name in several different parts of the screen. More than ever before, these look much more like an Impulse-generated email message.
How do you avoid being compromised?
1. The most important thing to keep in mind is that as your email provider we will never send you a link to click on nor request that you provide us your username and password. We can make updates, changes, etc. to your accounts without the need for you to log in. We can spread our changes out to users without the need for you to take any action.
2. Before entering your username and password into any website, ALWAYS make sure you are on an Impulse website. To ensure this, only log into your webmail by using the bookmark in your browser OR by clicking on the link for webmail on our website, www.impulse.net. Any other website, no matter how much it resembles ours should NOT be used to enter your user credentials. If you never use webmail but only log into your email using your own email client like Outlook or Mac mail, ignore any email that asks you to login to a website and delete that email from our Outlook or Mac mail Inbox.
3. Any suspicious email that you receive that purports to be from Impulse but seems different from any that you’ve received from us in the past should NOT be clicked on but only forwarded to and reported to ‘firstname.lastname@example.org‘. In fact, if you don’t feel comfortable forwarding that to our team simply delete the email from your Inbox. Your account cannot be compromised until you enter the information they request from you.
4. Do not use the same login information for all accounts that you login to on the web. By having compromised your account in one place, the bad guys could try to access your other accounts using these credentials. If you use the same email address for username and password that gives them that much more opportunity to access those accounts as well.
The consequences of having your account compromised.
What we are seeing is that if a user provides their username and password to the “phisher”, their account begins to be used as the sender of large amounts of email. This creates large amounts of traffic on the user’s network and large amounts of email across our network. It also creates large amounts of traffic on the networks of the recipients’ providers. They, in turn track the email account to our network and disable or lock-out all email coming from the Impulse email network.
This means that effectively, no one with an Impulse-provided email account can send to for example, @gmail.com, @hotmail.com, @live.com, @msn.com until the issue is cleared up. To clear it up, Impulse must go to each of these providers and convince them that we have isolated the offending user and stopped the illicit email SPAM coming from our network. In order to achieve this, Impulse must track down and shut down the offending user from sending out any more email and then force a change to their password.
In addition to using your account for SPAM, the collector of this information now has access to your email account and may try to find other account information that you may have saved such as banking or credit card information. If they can, they will try to login to those accounts using the username and password that you use for email.
As you can see, it is a very costly issue when this occurs to just one of our users. It is costly in terms of time, money and productivity to both the user who was compromised as well as to Impulse. At the very least, it shuts down your email account from being able to send email for an undisclosed amount of time until we can resolve your particular issue and it blocks you and all of the rest of our users from being able to send to the major providers’ accounts for a different undisclosed amount of time.
In summary, please be wary of all email that you receive and DO NOT click on anything that requests your username and password. If it claims to be from Impulse, take the time to write into ‘email@example.com‘ or call us at 805-456-5800 to confirm it is from us before you provide any information.
In the short term please be aware that we have received more than 100 accounts in the past week that have been compromised and our support team is trying to work through all of those at the moment. All are due to someone feeling compelled to click on a link that they thought was an Impulse link.