Opened on Thursday 23rd September 2021, last updated
Identified — We are currently aware of a number of phishing emails that have been sent out to some of our customers These emails were not sent out by Krystal and should be deleted if received. Please do not enter your personal details or credit card information using the link. The emails, which use a template similar to legitimate Krystal emails, appear to have included a link that redirects to a Krystal branded login page using a third party domain. Once entering details into the login fields, the user is requested for personal information including credit card details. Legitimate emails from Krystal will always have a "From" address on our own domain (krystal.uk) and will include your name at the start. If you are not expecting an email from us, we recommend you always check for both of these things. More information on phishing attempts and how to recognise the emails can be found on our blog here: https://krystal.uk/blog/post/how-to-recognise-and-combat-phishing The messages we have seen are sent to <name>@domain.com rather than any specific address linked to your accounts with us and we are continuing to monitor the situation. We have no evidence to suggest there has been any compromise of any of our systems or databases. If you do receive an email of this nature, please do feel free to get in touch with us to verify its legitimacy. You can forward suspected phishing emails to [email protected] which will help us to provide appropriate advice to customers. We do apologise for any concern this may have caused.