Andy Rubin’s Essential Products is having a rough summer. After first revealing its phone to throbbing hype back in June, actual delivery of the device has been plagued with delay after delay. Shipping problems have become almost comically bad, and even as it appears a few phones have finally made their way into the hands of frustrated customers, a new issue has cropped up, turning a bungled launch into a potentially dangerous security concern.
Over the past 24 hours, some customers have taken to social media to share what look suspiciously like phishing emails from the company. Emails that appear to be coming from Essential have asked customers to respond with personal info, including photo ID, signature, and billing address.
Worse yet, the sender seems to have CC’ed the email to multiple recipients, flooding their inboxes with responses containing the personal info of other Essential customers.
Emails like this, of course, raise immediate red flags as these are the typical elements of a phishing scam. Essential should already have a customer’s billing info and should not need to ask for it again in this manner.
The company has since responded on Twitter, saying that it is aware of the emails and is investigating the issue, but strangely it did not tell customers to ignore any suspicious communications.
The issue may have stemmed from a mismanaged Google group, which allowed some Essential customers to learn the email addresses of other customers. However, it’s also possible that hackers may have gained access to Essential’s customer database and are using it to try to con money out of them. Whatever it is, customers aren’t happy, and you can’t blame them as many have already been charged for a phone they have yet to receive.
We’ve reached out to Essential for comment, and we’ll let you know if we hear anything back.