Justin du Coeur (jducoeur) wrote,
Justin du Coeur

Spear-phishing warning

Just in case you haven't already heard the news: there was a major security breach in a big online marketing company, Epsilon. According to reports, there weren't any credit cards or suchlike compromised. Unfortunately, what *was* compromised is the magic triplet of email address, personal identifying information, and the company you are doing business with.

What does this mean to you? It means there is likely to be a huge spike in low-grade spear-phishing. You know the routine phishing emails that we all get frequently, that claim to be from some random company, and want you to log in there? Those are about to become a *lot* more effective. You're likely to get emails that appear to come from a company you do have business with, including information like your name and address; they will likely have links taking you to websites that appear to be real but are actually faked, designed to capture the rest of your personal information. (Especially credit card and social security numbers.)

So be vigilant for at *least* the next few months. While the perpetrators might get caught, the likelihood is that the cat will be out of the bag, and a lot of abuses will be committed with this information...

  • Post a new comment


    Anonymous comments are disabled in this journal

    default userpic

    Your reply will be screened

    Your IP address will be recorded