The Better Business Bureau of the Southwest wants to make people in the area aware of a data breach at one of the nation’s largest online marketers.
On March 30, online marketer Epsilon announced customer data was exposed by an unauthorized entry into Epsilon’s e-mail system. Epsilon provides its services for companies such as Citigroup, Walgreens, The College Board, and many others.
Epsilon states that the information that was obtained was limited to e-mail addresses and/or customer names only. No personal financial information such as credit cards or social security numbers appeared to be exposed, according to the company’s website. The vendor sends more than 40 billion e-mail ads and offers annually, usually to people who register for a company’s website or who give their e-mail addresses while shopping.
Only days after millions of customers’ e-mail addresses were stolen in one of the largest data breaches in U.S. history, BBBSW is seeing one of the first Epsilon data breach phishing scams.
Phishing, a popular e-mailing scam, is a term coined by computer hackers who use e-mail to fish the Internet hoping to hook you into giving them your logins, passwords and/or credit card information. If you are a customer of one of the companies that had e-mail data stolen, BBBSW is warning you to be on the lookout for phishing e-mails.
Typical phishing scammers pose as reputable companies to fraudulently obtain your personal information. In this case, the BBBSW is now seeing e-mails being sent from a fake “Chase Bank,” one of the companies whose data was compromised. Following suit, the e-mail warns that “your account” will be deactivated or deleted if you do not update your profile immediately. The e-mail instructs you to update your account by clicking on the link provided.
“These hackers are looking for you to respond with vital information that can ultimately lead to identity theft,” said Jerry Shipman, president of the BBB of the Southwest.
BBBSW advises consumers that there could be other phishing e-mails shooting through cyberspace and to do the following if they suspect they have fallen victim to a phishing scam.
Never reply to the e-mail. If the message includes a link within it, never click it. Many schemers use this as way to spread a viral attack on your computer.?
Do not give personal or financial information to anyone who contacts you via e-mail. Even if they claim they are from your bank, the IRS or a law enforcement agency, these businesses will not contact you via e-mail; they will send you a letter.
Spread the word. Discuss phishing scams with all the members of your family who have e-mail addresses. Young people are very computer savvy, but may not be scam savvy, and older adults are specifically targeted by scammers because they are often very trusting.
Transmitted information should be encrypted.
When sending personal information like addresses, credit card numbers and Social Security numbers over the Internet, make sure the website is fully encrypted and the network is secure. Look for https (the “s” stands for secure) at the beginning of the URL address to confirm its security.
Know the red flags. Watch out for grammatical mistakes in e-mails. Poor grammar or misspelled words are red flags that the e-mail is probably a scam. Most importantly, never wire money based on instructions in one of these suspicious e-mails. Scammers prey on those who think they need to wire money to have a situation resolved.
Protect your computer. Keep your anti-virus software up to date and run it regularly.
Contact the Federal Trade Commission. The FTC works to legally prevent fraudulent business practices in the marketplace. File a complaint with the FTC by calling 1-877-HELP.