Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

4/6/2011
02:22 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Better Business Bureau Warns Of First Phishing Attacks In Wake Of Epsilon Breach

Banks, credit-card issuers warn of email breach

CHARLOTTE, N.C. -- It has only been a few days since millions of customers' email addresses were accessed in one of the largest data breaches in U.S. history, and now, the BBB is seeing one of the first email phishing scams to result from the information theft.

If you are a customer of one of the companies that had email data stolen, the BBB is warning you to be on the lookout for phishing emails. An email sent from a fake "Chase Bank," one of the companies whose data was compromised, warns that "your account will be deactivated or deleted if you do not update your profile immediately." The email instructs you to update your account by clicking on the link provided. "Although the email sounds urgent since it appears to be from your bank, do not click on the link and input your bank account number or social security number," said BBB President Tom Bartholomy. "With this information, a scammer can steal your identity in a matter of minutes." The BBB has advice to help protect you from identity theft and email phishing scams:

* Be careful about clicking on links or downloading attachments contained in emails. You could expose your computer to viruses, spyware and malware which can lead to identity theft. * Do not give personal or financial information to anyone who contacts you via email, even if they say they are from your bank, the IRS or a law enforcement agency. These businesses will not contact you via email; they will send you a letter. * Discuss phishing scams with all the members of your family who have email addresses. Young people are very computer savvy, but may not be scam savvy, and older adults are specifically targeted by scammers because they can be very trusting. * Watch out for grammatical mistakes in emails. Poor grammar or misspelled words are red flags that the email is probably a scam. * Keep your anti-virus software up-to-date and run it regularly.

For more information about phishing scams, please visit www.bbb.org.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 11/19/2020
New Proposed DNS Security Features Released
Kelly Jackson Higgins, Executive Editor at Dark Reading,  11/19/2020
How to Identify Cobalt Strike on Your Network
Zohar Buber, Security Analyst,  11/18/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: A GONG is as good as a cyber attack.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5641
PUBLISHED: 2020-11-24
Cross-site request forgery (CSRF) vulnerability in GS108Ev3 firmware version 2.06.10 and earlier allows remote attackers to hijack the authentication of administrators and the product's settings may be changed without the user's intention or consent via unspecified vectors.
CVE-2020-5674
PUBLISHED: 2020-11-24
Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2020-29002
PUBLISHED: 2020-11-24
includes/CologneBlueTemplate.php in the CologneBlue skin for MediaWiki through 1.35 allows XSS via a qbfind message supplied by an administrator.
CVE-2020-29003
PUBLISHED: 2020-11-24
The PollNY extension for MediaWiki through 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll.
CVE-2020-26890
PUBLISHED: 2020-11-24
Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service attack against the federation and common Matrix clients. If such a malformed event is accepted into the r...