Don't get reeled in by email phishing scams
As you may already know, Epsilon, a company responsible for the direct email marketing of many big-name companies, was recently the target of a security breach that could affect tens of millions of consumers. The attackers were able to obtain the names and email addresses in the databases for companies who use the marketer to send emails to customers and clients.
While email phishing scams aren’t uncommon, this specific case is especially unnerving given the fact that a number of the companies that were targeted include banks, retailers and hotel chains. Although the marketing company says financial information wasn’t accessed, security experts warn that thieves who simply know your name, email address and where you shop are dangerous because they have the ability to target you on a more sophisticated level.
This technique, known as “spear-phishing”, can give a person the impression that an email is coming from a trusted source – such as their bank or pharmacy. The emails often ask the customer to update their personal information for security purposes – ironically enough.
The important thing for consumers to remember is that there are steps you can take to avoid becoming the victim of a phishing scam.
Stay informed. In this case, knowledge is power. If you are aware that you could be targeted, you are less likely to fall for a phishing scheme.
Don’t respond to emails that request personal information. Banks will never send you an email asking you to disclose your account information. If a company needs information to update its files, they may ask you to log in to their website to do so, but they will not ask for your information via email. Scammers who are armed with your email address will attempt to convince you otherwise, but don’t – under any circumstance – give out personal, financial information in an email.
Don’t click on links. It doesn’t matter how legitimate the link seems. If you think it is truly from the company, then type in the company’s URL yourself. Don’t open the link in a new tab, copy and paste the link, or touch the link at all. That’s what the thieves want you to do. If it is a real notice, then the company will likely inform you via your account on their site as well.
Don’t save personal information. If a website offers to store your personal information, and you accept, you are putting yourself at the mercy of third-party hackers. Your information is not safe if it is stored in a company’s system. Although it may seem like a time-saver to keep your information stored – especially if it’s a website you visit frequently – it can ultimately put your personal information in the hands of hackers.
Check your accounts regularly. You should make it a point to routinely log into your online accounts and check your statements. Make sure to check for any suspicious transactions you may not have authorized, and report them to your bank or credit card company immediately.