Dozens of Bellpenny clients received a scam email from the advice firm’s official email address after malware infiltrated its system.
The email was sent from a Bellpenny.com address and contained a zip file attachment with the following message: ‘I sent you attached copy of Bank Report for this week. Is that your amount 2,504.00?’.
If run on a recipient’s system, the malware changes the internet home page in order to gain “pay per click” revenue for the website set as the new home page.
A Bellpenny spokesman says the scam email was sent to “a few dozen clients” and that no client data was accessed apart from email addresses.
In an email to clients last week asking them to delete the message, Bellpenny said: “Our external security company have interrogated the malware and determined that no client or sensitive data has been breached, and no security risk remains to confidential data.”
The spokesman says: “Our email filtering system picks up malware 99.9 per cent of the time, but this was a variation which slipped through.
“It was picked up within minutes and eradicated, but in that time it was sent out to a small number of clients. We then wrote to those clients to reassure them.”