User Blogs

User Blogs

Discussions and Blogs

Apr 14
2011

Epsilon Breach Will Impact Consumers for Years

Posted by: Robert Siciliano in MyBlog

Tagged in: IT Security , Epsilon

Robert Siciliano

This week consumers are receiving messages from trusted companies such as 1-800-Flowers, Chase, Hilton HHonors and others, letting them know that their e-mail addresses have been exposed due to the recent Epsilon data breach.  This provides a perfect opportunity for cybercriminals, who may try to take advantage of the breach to send out phishing e-mails designed to steal user names and passwords.  Since consumers are receiving legitimate e-mails, they may be less suspicious of the phishing  or spear phishing ones.

Generally when a credit card is compromised a new number and card is issued making the breach a forgotten inconvenience. However when a Social Security number is breached, the victim can feel the effects for decades. Email addresses fall in the middle because consumers have the ability to change them, but often weigh the pros and cons and keep them for convenience sake.  This is what makes getting phished a higher probability.

McAfee Labs believe scammers will probably wait until they figure out how best to turn their scams into money, and may wait until the news cycle dies down.  That’s why it is important for consumers to stay vigilant for a period of time…really for the entire time you posses a hacked email address.

Here are some tips for consumers to stay safe:

- Consider ditching your compromised address and starting new.

- Be aware that companies will never ask you for credit card information or other personal information in email.  If you are being asked to provide that information, it’s a scam.
- If you are suspicious of an email, go directly to the Web site of the company that purportedly sent it and don’t follow links in the email as those may be fraudulent. Call the company’s number listed on their Web site, not the number in the email as that may be a fake
- Consider unsubscribing from email communications and re-subscribing using a new email address for commercial communications. That way you know that messages that land in that new inbox are more likely to be genuine as the new address wasn’t part of the breach

- Use the latest security software, including Web security features to protect you from going to malicious Web sites such as phishing sites

Robert Siciliano is a McAfee Consultant and Identity Theft Expert. See him discussing the Epsilon breach for McAfee on Fox News.

Trackback(0)
Comments (0)add comment

Write comment

busy

Subscribe via Email

 Your Email:

Tag Cloud

2012 abduction Aberdeen Group alarm alarms Android Apple Apps ATM Skimming Audit Bank Fraud Banking Security BillGuard BlackBerry botnet BPM breaches BS 25999 burglar burglary Business Continuity BYOD change management cheating children pictures Cloud Cloud Security Cobit collaboration Compliance computer failure Consumer IT Tips contactless credit card credit card breaches Credit Card Fraud credit cards credit fraud Cross-Device Security Cyber gangs cyber monday Cyber Security cyberbullying cybercrime cybercriminal cybercriminals cybersecurity cyberwise data Data Backup Data Breaches data security Data Storage DDOS Device Reputation digital devices Digital Forensics digital life Digital Security digitally secure Disaster Recovery DNS download DPI driver's license dumps E-Commerce eBanking Electronic Discovery Electronic ESI electronic passport EMV Endpoint Security entity theft Epsilon ERM ESI Ethics Events Facebook FCC FCPA FDIC Federal Government FFIEC Financial Crisis firewall FourSquare Fraud gaming Gartner Geo-tagging gold farming Governance GPS grc GRC evaluation GRC Marketplace GRC technology readiness GRChange Green IT grey charges guard dogs Hackers Hackproof Hacktivism holidays home invasion home security Hotspot HP IAM iCloud id ID Theft Identity theft Information Management Information Security Information Supply Insider Threat Internal Audit Internal Controls internet safety iOS app iovation IP address iphone iPhone security ISACA ISO 27000 ISO 27001 ISO 31000 IT Alignment it compliance it governance IT GRC Forum Events it risk management IT Security IT Service Management ITIL jailbreaking Jobs keylogger laptop security Litigation Malware marathon mCommerce Member Discount Mobile Mobile Apps Mobile Banking mobile device Mobile Device Management Mobile Devices Mobile payment mobile phone mobile security Mobile Wallet mSecurity Multi-Regulatory Compliance multifactor authentication myblog Network Security New Years NFC NFC app Online Backup Online Banking online dating online gaming online identity online privacy online safety Online Security online shopping Operational Management OSHA Outsourcing P2P Security Panel Partner Offers passport passwords PCI Performance Management personal data personal device Personal Security pheasting phishing Policy predator Privacy Prize Draw QR Codes ransomeware ransomware Regulation E remote access resume fraud Risk Assessment Risk Management RSA Rules safety tips scam scammer scammers Scams scareware Seasonal Security security apps security tips sext Shopping shredding skimming Skimming Fraud small business smartphone smartphones smishing Social Media social network Social Security SOX spammers spokesman Spyware SSDs Standards strangers Strategy tablets tax scams Tech tech support technology Threat Management Tokenization TQM Twitter typosquatting Virus VPN wallet web Webcast Q&A Wi-Fi WIFI WiFi password wireless
Banner