Tuesday, April 05, 2011
If you haven't heard the news, a major email marketing firm, Epsilon, experienced a breach of their computer systems allowing the exposure of an unknown number of client names and their associated email addresses. Should you be significantly concerned about your name and email being stolen? Well, according to most security experts, the answer is not really. BUT, those same security experts are telling you that you do need to be aware of the potential to have your email address used to get YOU to give information to users of your boosted email address in an effort to steal your identity or gather additional personal information that could be harmful.
The challenge with this particular compromise is that these hackers KNOW the email addresses they have are valid. Since they know your registered name AND your email address, they can create fake emails that look like those emails sent by the legitimate users of the marketing firms. This technique is known as "spear phishing" for information. Emails will sport logos and images that make you believe that your are being contacted by the legitimate company. The problem is that they may ask you for more information, your social security number, passwords and even account numbers. In some cases, they will give you links to bogus websites or have you run an imbedded application that will save and send your personal information to their databases. Once they get you to send these personal information items, they have the ability to steal your identity and cause many new challenges that could take you a significant amount of money and time to get back under control.
The best way to protect yourself is to "think before you click" when you receive any emails that ask you for personal information, indicate your account is or may be closed or suggest that your information needs to be updated or confirmed. Don't become a victim at your own hands.
Cyber Security is everyone's responsibility.