This week consumers are receiving messages from trusted companies such as 1-800-Flowers, Chase, Hilton HHonors and others, letting them know that their e-mail addresses have been exposed due to the recent Epsilon data breach. This provides a perfect opportunity for cybercriminals, who may try to take advantage of the breach to send out phishing e-mails designed to steal user names and passwords. Since consumers are receiving legitimate e-mails, they may be less suspicious of the phishing or spear phishing ones.
Generally when a credit card is compromised a new number and card is issued making the breach a forgotten inconvenience. However when a Social Security number is breached, the victim can feel the effects for decades. Email addresses fall in the middle because consumers have the ability to change them, but often weigh the pros and cons and keep them for convenience sake. This is what makes getting phished a higher probability.
McAfee Labs believe scammers will probably wait until they figure out how best to turn their scams into money, and may wait until the news cycle dies down. That’s why it is important for consumers to stay vigilant for a period of time…really for the entire time you posses a hacked email address.
Here are some tips for consumers to stay safe:
– Consider ditching your compromised address and starting new.
– Be aware that companies will never ask you for credit card information or other personal information in email. If you are being asked to provide that information, it’s a scam.
– If you are suspicious of an email, go directly to the Web site of the company that purportedly sent it and don’t follow links in the email as those may be fraudulent. Call the company’s number listed on their Web site, not the number in the email as that may be a fake
– Consider unsubscribing from email communications and re-subscribing using a new email address for commercial communications. That way you know that messages that land in that new inbox are more likely to be genuine as the new address wasn’t part of the breach
– Use the latest security software, including Web security features to protect you from going to malicious Web sites such as phishing sites
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- Epsilon Breach Reminds of Security Awareness
Epsilon is a marketing company that has millions of emails on file of consumers who have made purchases or are affiliated with various banks, retailers, hotels etc. Epsilon sends over 40 billion emails out a year and was recently breached in a hack attack. Consumers are now receiving breach notifications from the likes of financial
- Criminals Prefer Pheasting on Phish Over Spam
Most of us are aware of spam, and while we may think it’s just an annoyance, what’s really dangerous about it is the fact that most spam are phishing attempts. Phishing is when cybercriminals attempt to fraudulently acquire your personal information, such as passwords and credit card details, by masquerading as a trustworthy person or
- 7 Ways to Tell If It’s a Fake
Unfortunately in today’s world, scammers are coming at us from all angles to try and trick us to get us to part with our hard earned money. We all need to be vigilant in protecting ourselves online. If you aren’t paying attention—even if you know what to look for—they can get you. There are numerous ways
- Spear Phishing Leaves a Bloody Wound
Once criminal hackers get a person’s username and email address, they can begin to launch a targeted spear phish scam. Scammers copy the design of each breached entities outgoing email campaign and blast the breached list with “account update” or other ruses. Gaming site Sega Pass was hacked. On the Sega Pass website it states, “we
- Safe Searching on Your Mobile Device
The web and especially the mobile web can be a minefield of malicious links luring you to click, so bad guys can infect your device. Search engines do their best to filter these sites out but nefarious criminals have found ways to get their scammy pages to the top of search through a process called
Leave a Comment
You must be logged in to post a comment.