trade.io “spoof” email containing a link to a malicious file was sent to certain clients

On Monday, October 29, 2018, 11:36:04 AM EDT, trade.io wrote:

logo-light.png
“ToS Email” Resolution
Dear TIOnauts,

Our security team has completed its review of the “ToS Email” incident earlier today in which a “spoof” email containing a link to a malicious file was sent to certain clients.

The root cause has been identified, and traced back to a support team member’s machine. For security reasons, we’re not going to explain how the machine became infected, but security has a firm grasp on how it occurred. A few important notes:

1) The only client information compromised was the email address attached to the specific clients that were in contact through email or live chat with the support representative that had access to this machine.

2) Any sensitive information, beyond email addresses, i.e. KYC information, etc. are not accessible by the support team, and as a result have not been compromised. Obviously for safety reasons, we’re not going to divulge how sensitive information is kept, but the only information the support team has access to are email addresses.

3) The security team has taken additional steps to ensure incidents like this don’t occur again, as this was preventable and occurred due large in part to human error.

trade.io apologizes for any inconvenience caused, and urges everyone when something seems strange with any emails you receive, to please contact support immediately.

While this situation appears to have been preventable, there will undoubtedly be issues that are out of our control, and we don’t want anyone getting harmed as a result of it, as its more and more obvious trade.io is being targeted by multiple bad actors.

On a side note, we sincerely appreciate everyone that reached out to us on Telegram to alert us regarding this issue.

Warm regards,

trade.io Management
trade.io Piazza Santa Lucia 7 Lugano Massagno CH-6900 Switzerland
View Online | Unsubscribe