Jump to Blog Sidebar & Archives

Don't answer that email! Email theft and what you should know

Have you ever booked a hotel room online? Purchased an airline ticket? How about paid your mortgage or even filled a prescription online? If you have, you probably submitted your email address at some point during the transaction.

I conduct a lot of business online. I pay my bills, book travel, manage subscriptions, look at my bank statements, and submit my taxes—all online. My email address is a part of every transaction—either as a point of contact, used as my username, or both.

Why is any of this important?

Many major US companies outsource their online marketing and communications to a company called Epsilon. In fact, experts are saying that if you've ever given your email address out to any major US company, Epsilon probably has it. However, last weekend Epsilon's email servers were compromised, or hacked.

Don't panic!

As far as anyone knows (or is saying) the only information that the hackers had access to is your email address—paired with the company that used your email address. I've received notices from several companies (i.e. Target, Home Depot, Hilton) that report the hackers either had access to my name, or that they didn't. They all say that credit card and other personally identifiable information (i.e. social security numbers, drivers license numbers, etc.) aren't involved.

Should we worry?

The key word is vigilance. While Epsilon and all the companies it does business with are saying that none of your usernames, passwords, Social Security numbers, or account numbers have been compromised, you can bet that the people who stole your email address will stop at nothing to try and get that information from you.

How could they do that?

The experts are already seeing a rise in the number of "phishing" attacks. These attacks are messages sent to your compromised email address that are designed to look exactly like messages you could receive from your favorite retailer, bank, or travel company. The difference is that the message is cunningly designed to extract information from you.

Below is a list of resources you can use to find out exactly what phishing is, the scope of this attack, and what you need to look for.

If you have any questions about an email you've received, feel free to contact me and I would be glad to help.

FAQ: Epsilon email breach
Link to ComputerWorld article

Link to CNET Article

Avoid Phishing Scams
Link to CNET Article

What is Epsilon and why does it have my data?
Link to CNET Article

Should you be worried?
Link to CNN Article

How to recognize phishing email messages or links

No tags


Receive email updates when we post a new article by subscribing.



Posts by briann@cjfm.org

Posts by ericc@cjfm.org

Posts by rickh@cjfm.org