*** Updated 7 October 2020 ***
Recently there have been a number of phishing attacks targeting us and our customers.
Our customer service team are dealing with high volumes of calls regarding the issue.
The email did NOT come from us, and is a form of scam. Please do NOT click on any of the links in the email. We take the security of customers and systems very seriously and to the best of our knowledge there has not been any breach of security.
Our senior staff are working with partners in the industry to get the malicious websites taken offline as quickly as possible.
Below are some examples of a phishing email and a fake page that the link sends users to:
A few things to watch out for with these emails:
- Bad grammar is usually a frequent giveaway. Legitimate companies take care to present their corporate communications in a way that reflects well. Sloppy English can be a sign of a scam.
- Scare tactics. Phishing emails use threatening language like ‘suspension’, ‘no longer possible to renew’ and ‘permanently deleted’. If you are surprised to be told that your service has expired, stop and think. Wouldn’t we have warned you in advance?
- Look carefully at the link you are being asked to click. The linked text may look like a normal blacknight.com address, but the actual link it points to may be different. Does a different link address appear in the status bar at the bottom of the window when you put your mouse over the linked text? Don’t click it.
- If you have clicked the link, look at the address bar at the top of the browser window. Look at the hostname (or domain name) part of the address. This is the part after ‘https://’ and before the next ‘/’. This should contain only blacknight.com, or www.blacknight.com, or cp.blacknight.com. It should not contain any other words. If it says something else, it is a fake.
- You should also note that the proper Blacknight login page includes a scam warning which is absent from the fake page.
- Blacknight sites use Digital Certificates with Extended Validation (EV). This means that the connection is secure, and also that the domain name has been independently verified as belonging to Blacknight. If you click the padlock icon in the address bar, you should see that the certificate has been issued to “*.blacknight.com” – and nothing else. If you don’t see this information, it’s not Blacknight.
We also advise customers to set up Two-Step Authentication on their Blacknight accounts, if they have not already done so.
You can read more in this press release.
If you clicked links in the emails, please let us know.