About an expensive free gift, just pay delivery.
https://omgfunnylol.com does not look like a real checkout URL to me!
The amount of personal info in it is slightly concerning!
Hmmmm same thought it was weird
What the hell!?!?!
Same here....did we all get the same 'gift'? I got a Giro Synthe helmet..
Yep, I got one too, not happy about it
They've been compromised then.
Yeap same 'gift' for me.
Ive just emailed ubyk to check they know...they are aware and web team on it...bot worrying given the level of info!!
Web team shutting the stable door....
I got the same - Giro Synthe. Some of the wording is a bit suspect - "Christmas is coming, so we have few presents for our valued clients" and "We send this product to you absolutely free". I'll be interested to hear what Ubyk have to say.
me too
the omgfunnylol.com start to the url from the email link is a bit of a giveaway?
As others with personal name and address included but so obviously dodgy.
Me too, very easy to believe when read on a phone screen considering the info they have .
Just had this email this morning, all my details (name, address, phone number) were correct, so I suspect ubyk have been hacked.
Nothing they can do to stop this now, apart from sort out their security and let everyone know its happened , and take precautions against knock on issues.
julians - MemberNothing they can do to stop this now, apart from sort out their security and let everyone know its happened , and take precautions against knock on issues.
And send us our free helmets
I would like to replace this for an MTB one, as I haven't got a road bike... ๐
Hi all,
It's James from ubky. This is a FAKE email and site! Do not order!!!
We've been up all night trying to understand how it's happened and put a stop to it. Our site uses the best SSL digital encryption and then on top of that we use cloudflair to provent hacking, we are in contact with the Police and security experts who seem to think it's most likely our server provider thats been hacked. Not all the emails to us on this our actually our customers, infact it seems so far 60% aren't, so it seems they have done this to a few companies (not sure if anyone had the Canecreek one last week). Please rest assured we DO NOT hold customers bank details, we use SagePay and PayPal to deal with the payment side of things.
The site is simply a fake version of ours, PLEASE check the domain address before ordering off any site with an offer that seems to good to be true.
Thank you customers, friends, co-riders who have been helping us with this.
On a positive note, it's bloody nice to see how great the MTB community have been and... a road helmet?! From a very frazzled ubyk staff, thanks again.
The hosting company of the fake site is based in the US is getting this site pulled down.
Thanks for the update.
One question: is there a chance the hackers know the password i use for my ubyk account? How are passwords stored on your servers, are they encrypted/hashed?
julians, it would be silly to assume anything but yes to that question. If the hackers have accessed the DB and site even if your password is encrypted then they have all the information needed to compromise it.
Your safest bet would be to change the password and change any other site where you used the same password (ideally using a password manager with different passwords for every site).