Happy April! As we launch into May and nicer weather, I really look forward to spending more time outside and less time inside on my computer, especially reading unwanted email.
Interestingly, I recently received e-mails from several companies I do personal business with informing me that there was a breach with a third party vendor. They stated that, “The information obtained was limited to the customer name and e-mail address.” They also assured me that no other information was compromised. Not sure if that makes me feel better or not?
What I didn’t know at the time is that this compromise of data has a name, the Epsilon Breach. Epsilon is an on-line marketing firm that sends marketing e-mails to billions of customers annually on behalf of over 2500 clients. Many big names including CitiGroup, Best Buy and Capital One Financial utilize their services.
While the fact that no sensitive information was released is a good thing, it’s still disconcerting to know that any information at all was obtained. As a result I’ve already noticed an increase in spam in my e-mail box from places I’ve never heard of. It’s annoying to say the least and I’m angry that companies that I trust to safeguard my information may have let me down.
Besides the unwanted extra e-mail, another risk that is being reported with this breach is that the hackers could use those e-mail addresses to impersonate legitimate places I do business with. A few months from now when I’ve forgotten about this, I could get phony e-mail claiming to be from my credit card company, for example. According to reports, threats include embedded code that may install on my computer when I open the message or a link in the e-mail that could take me to a website that looks just like the one I’m familiar with. Both are potential ways of getting me to input my personal account information. .
So how do we protect ourselves? Here are a few tips to keep in mind:
* Don’t click on any link in an e-mail that takes you to the company website. Go to your browser and type in the e-mail address. This is especially important if you plan on logging into the site and providing a password and account information to pay your bill.
* Absolutely make sure you have updated your security and antivirus software.
* Change the password on any account you feel may have been compromised – or on all of your accounts, period. Use symbols and upper and lower case letters. Select new security questions and answers too.
* Be very cautious when opening an e-mail from any company involved in the Epsilon Breach. You should have been notified by these companies a few weeks ago if you are currently doing business with them. Do not provide any personal information if it’s requested. The concerned companies will not ask you for any personal data in an e-mail. In fact, nobody should.
While I feel reasonably sure that I won’t fall for one of the scams that could come out of this, I worry about the people who may not be as aware. My friend’s son for example, had his e-mail address compromised as part of this mess. The College Board website was part of the breach and he is enrolled there for services such as signing up for the SAT’s. Would he know if he was spammed by a scam? Would you?
More information on the Epsilon Breach and additional tips to protect yourself can be found at:
Like many of you, my life is just too busy to deal with any more time-hoggers like spam. If you have any other tips to share, please email me. Would love to hear from you!