Our team has adjusted our roadmap to prioritize additional security features that we believe will substantially reduce the risk from similar attacks in the future. While we do not currently have an ETA for when these additional features will become available, our team is actively working on those efforts now.
The ability to add new credit / debit cards for Instant Payouts will remain disabled until that work is completed. When these additional security features are launched, we will send out an announcement and additional communication around the restoration of full functionality to Instant Payouts.
Posted Dec 07, 2021 - 17:02 EST
Update
Our team has restored the functionality of Instant Payouts through ShootProof Pay. We have temporarily disabled the addition of new debit card accounts to ShootProof Pay as our team continues to monitor any remaining impact from this event. We will post additional updates as we close out our investigation and restore this remaining functionality.
Posted Oct 25, 2021 - 13:21 EDT
Monitoring
On 10/21/21, a small number of ShootProof customers (less than 20) reported being locked out of their accounts. Through our investigation, we found they had been fooled by a phishing email from hackers pretending to be ShootProof.
The email contained a malicious link asking users to log into their accounts on a fake, lookalike page. This fake webpage then passed their credentials to the hackers, giving the hackers access to their ShootProof accounts. This is a common phishing tactic used to get individuals to unknowingly give sensitive information directly to attackers.
If you did not receive or click the link in the email, your account is safe from this incident. If you think you have been part of the phishing attack, please reach out to us at support@shootproof.com for next steps.
Our Product Support Team has helped users get back into their accounts and is working on resolving any additional reports. We have also temporarily suspended Instant Payouts (regular payouts are not impacted).
With over 240,000 phishing attacks occurring every year in the United States alone, phishing is something the ShootProof Team takes very seriously. We are working with law enforcement to support any investigation into criminal activity.
While we take every measure to secure our users’ accounts, preventing phishing attacks starts with education. October is Cyber Security Awareness Month. To help you stay safe online, check out these resources on preventing phishing, courtesy of the FTC and Cybersecurity and Infrastructure Security Agency:
In order to minimize the impact on users’ accounts, we have temporarily suspended Instant Payouts. Clients can still place and pay for orders. Regular payouts are not impacted.
Posted Oct 21, 2021 - 16:22 EDT
Investigating
We’ve had a phishing incident reported and are actively investigating it. Some users report receiving an email claiming “Your ShootProof Payouts Are Suspended.” THIS IS A PHISHING EMAIL.
USERS SHOULD NOT CLICK the button/link contained in the phishing email.
Users who received the email and clicked the link should do the following immediately:
1) Update their ShootProof account password.
2) Users unable to log into their accounts should contact support@shootproof.com ASAP to have login credentials restored.
3. Users should also update any other potentially compromised passwords. If the same password is used to log into any other accounts (email, social media, etc.), please CHANGE THE PASSWORD AS SOON AS POSSIBLE.
We are actively working to resolve this issue and we’ll continue to share updates as our investigation unfolds.