Phishing Incident
Your Questions Answered
What is an email phishing attack?
Phishing is when attackers attempt to trick users into doing ‘the wrong thing’, such as clicking a bad link that will download malware or direct them to an unsecure website.
Phishing can be conducted via a text message, social media, or by phone, but the term ‘phishing’ is mainly used to describe attacks that arrive by email. Phishing emails can reach millions of users directly and hide amongst the huge number of benign emails.
What have Duologi done to investigate the issue?
We have dedicated a team who have investigated phishing attack incidents.
It is important to us that we review the ‘potential’ impact to our customers as priority and assess whether any personal data has been breached. As with all cybercrimes the attackers are evolving all the time and finding new ways to break through our security in an attempt to trick us – we make sure we evolve at the same rate by updating our systems ensuring they are sufficient to detect threats. Our contingency plans for future incidents enable us to react faster and become more efficient in how we respond to any future attacks.
Why is this a ‘basic’ attack?
We know that this is a basis attack because of the systems and preventatives we already had in place to protect both ourselves and customers by quarantining the phishing email and stopping it in it tracks before it reaches its intended users causing any further disruption.
What should I do if I have detected any suspicious activity?
If you detect any suspicious activity follow the advice of your email service provider. Please also contact Duologi where our team will be able offer advise on best practice.
Will this affect my credit history?
There is no affect to individuals credit history which has been a direct impact of the incident outlined in our incident letter. However, if you would like to further discuss your loan or have any concerns relating to your finance agreement you can contact us on support@duologi.com
I would like to see a copy of all personal information Duologi have stored – how do I request this?
You have the right to request this information. This is called the right of access and is commonly known as making a subject access request or SAR. Please contact compliance@duologi.com for further guidance on your request.
What do I need to look out for on my credit file?
For existing Duologi customers you’d expect to see your financed loan on some credit file agency websites – if you suspect there are additional fraudulent activity on the credit file relating to Duologi you can raise a dispute via the credit file website or contact customercontact@duologi.com
Non Duologi loan customers please contact fraud@duologi.com
We urge all potential victims of fraud to contact Action Fraud on 0300 123 2040.
What do I do, if I start to receive large volumes of calls or emails that appear to be spam, could they be related to this?
It is unlikely to be related to the phishing incident as we have identified the incident as ‘basic’ – but for your own security we advise you to follow the guidance of your email service provider.
Why did it take so long for you to notify me?
Our immediate priority was to assess and limit the impact to our customers and make sure our communication was as accurate and well informed to avoid any possible undue concern.
What will Duologi do if I become a victim of a similar incident in the future
We hope that with the provisions we have in place we will limit the cause for such communications in the future – but our promise to you will be to keep you as well informed and protected as we can in the future.
How should I contact you about this?
To make it easier for you to contact us with any questions, we have dedicated contact details. You can use any of the contact details below.
Duologi, The Square, Basing View, Basingstoke, RG21 4EB
Duologi is a trading name of Specialist Lending Ltd which is a limited company registered in the UK under number 10664999 at the registered address 10 Bressenden Place, London, SW1E 5DH, United Kingdom. Authorised and regulated by the Financial Conduct Authority.
