Were you one of the many consumers last week who received emails from companies letting you know that their email lists had been compromised and your email may have been one of those stolen? It all started on April 1st when Epsilon, the world’s largest permission-based email provider, had a security breach.
Their 2500 clients include some of the largest brands and banks in the country, BestBuy, Capitol One, VISA, Verizon, JP Morgan Chase, Citibank, Hilton, Marriot, Target, Disney, Ritz Carlton, Tivo and Walgreens. Epsilon still has not released the full list of companies hit. I have received two emails so far and I am guessing by the look of the list of providers hit, I may get more.
What does this mean to you? Initially I was very concerned considering that the two companies I received the warnings from were both companies that could potentially have credit card information on file.
According to Epsilon, only email addresses were stolen. The big issue here is what the crooks plan to do with the email addresses. Chances are pretty great that they will use the emails to start Phishing. I have talked about Phishing before and want to remind you of a few tips to keep your identity safe.
• Legitimate companies do not ask for credit card information or other personal information via email! Be on the lookout for emails that claim to be from the companies affected asking you to “update your information” or add a credit card – they are a scam.
• Do not click on links in emails. If you need to check your account, manually type in the web address or use your bookmarks to get to the site. Criminals will put links in emails that will lead you to sites that may look like the real website but is actually a phony site set up to capture your login information and credit card numbers.
• Use the latest security software, including Web security features to protect you from going to malicious Web sites such as phishing sites
• If you do need to give out personal information online such as credit cards make sure you are on a secure website. The web address will start with https:// (note the “s”)
• If you come across a phony email or website, report it to the Anti-Phishing Working Group
Stay safe out there!
@McAfeeCyberMom on Twitter