Online Phishing Scams to Increase
By Norm Bond
What does the major theft of millions of e-mail addresses from Epsilon mean to you as a consumer?
Be extra -- careful.
We've all seen the online “phishing scams” and offers. In banking they tell you of the theft of your account. The problem is -- you don't have an account at that bank. Or a credit card with that company Another popular one is lottery winnings. You just won a $200 million in the lottery – the Nigerian Lottery. Sometimes someone has died and a barrister wants you to help get 100 million into your U.S. bank account so you can send him back half.
Well, with the theft of millions of “first names” and “e-mail addresses” look for these types of bogus offers to have a personal touch. Expect to see “Michael” or “Teresa” and the e-mail to be sent to your correct e-mail address.
Epsilon is the world's largest permission-based email service. Last week they released a statement reporting an unauthorized entry in its clients' customer database. For the most part, only emails were exposed — no passwords or other personal information.
Epsilon sends 40 billion emails per year and has over 2,500 clients, including 7 of the top 10 companies on the Fortune 500 list. A list of some of the major companies effected was reported by Security Week.
It's likely you've already received an email from one or more of them — letting you know your email was exposed, and assuring you that other info, such as your password, etc. remain safe. That's called CYA in corporate-speak. I'm sure their legal departments have been consulted -- along with public relations personnel for most of these effected brands. Epsilon is also squirming and wants to get out of the media spotlight. But most of the major damage may be yet to come. Once the creative minds get to work on the data with their graphics, wording and access to hundreds of millions of e-mail addresses and first names watch out. They'll have to move quickly because a large percentage of e-mail addresses get stale over time.
So effective immediately the spam you receive could very well take the form of fake, personalized emails including your first name that appear to be from a trusted company, tempting you to click. Don't do it. Check the address line to see where it originated from. this may be extra validation for legitimacy. If you're unsure -- leave it alone and delete it.
It may be best for you to INITIATE any contact with your favorite brands for the foreseeable future.