Monday, April 18, 2011

Epsilon: Be wary of Phishing attempts coming from legitimate looking e-mails

We all subscribe to e-mail newsletters in some form or another.
We all get those deal of the day e-mails telling us the latest deals at our favourite retailers or Air Miles updates with links back to the Air Miles site and vacation deals.

We all need to be a lot more careful.

Last month Epsilon, a marketing firm that deals with many of the retailers we all know and trust was hacked.
At first it was downplayed as not important because the hackers only got names and e-mail addresses. No credit card data was ever stored by Epsilon on the systems that were breached, and in fact they would not have that info in most cases because they are just the guys who send out those e-mail newsletters on behalf of retailers and banks.

Not long after, people started to realize the implications of this breach, but the problem is, even the tech press never really got the point across very well, and it was usually ignored by readers because the news sites only ever listed a handful of companies that were affected.

Most people reading about the breach are probably thinking, "I don't deal with those companies, I'm ok" looking at the short list of 3-4 examples in most news stories about it, or "so they got my e-mail address who cares, I get spam all the time".

The issue is they got e-mail addresses, and names linked to retailers and banks that you DO deal with and that you are already used to getting e-mails from. ...e-mails that already link to a 3rd party, that takes stats then forwards you to the retailer's website. So you are used to seeing links in these e-mails pointing to somewhere other than the official website, but eventually taking you there.

This is prime data for a wide spread, and likely to be highly successful, Phishing expedition.

They send you an e-mail that looks like every Sears ad you've gotten on a monthly basis for years, it has a great bargain on BBQs... You think "It's spring, I should probably check out this deal on BBQs" and you click it. It takes you to what looks like a Sears website (and yes they can be VERY convincing) but it is not. It is a fake Sears website that they set up just for the purpose of collecting more info about these people that they already know are Sears customers... Maybe you will attempt to order that BBQ and they will get your credit card, and you won't know it till it is way too late.

The other scam that they are running is a fake Epsilon breach news update site (copied from the actual press release site) that offers up a downloadable tool that they tell you to run to see if the hackers have your e-mail address... That tool is a Trojan!

So do they have your e-mail address? Probably. Do you get regular e-mails from any of these companies?

1-800-FLOWERS
AbeBooks
Abercrombie & Fitch (WFNNB)
AIR MILES Reward Program (Canada)
Ameriprise
Ann Taylor (WFNNB)
AshleyStewart (WFNNB)
Avenue (WFNNB)
Barclays Bank of Delaware
Beachbody
Bealls (WFNNB)
bebe
Best Buy
Best Buy Canada Reward Zone
Benefit Cosmetics (see below)
BJ’s Visa (Barclays Bank of Delaware)
Brookstone
Capital One
Catherine’s (WFNNB)
Chadwick’s (WFNNB)
Charter Communications
Chase
Citigroup
City Market
College Board
Crate & Barrel (WFNNB)
Crucial
David’s Bridal
Dell Australia
Dillons
Disney Destinations (The Walt Disney Travel Company)
Domestications (WFNNB)
Dressbarn (WFNNB)
Eddie Bauer Friends
Eileen Fisher (doesn’t name Epsilon but same template letter)
Ethan Allen
Eurosport Soccer (Soccer.com)
Express card (WFNNB)
ExxonMobil Card (Citi)
Fashion Bug (WFNNB)
FINA (WFNNB)
Food 4 Less
Fred Meyer
Fry’s
Gander Mountain (WFNNB)
Giant Eagle Fuelperks! (WFNNB)
GlaxoSmithKline Consumer Healthcare (GSK)
Goody’s (WFNNB)
Hilton Honors
Home Depot Card (Citi)
Home Shopping Network (HSN)
J Crew (WFNNB)
J.Jill
Jay C
Jessica London (WFNNB)
JPMorgan Chase
Justice (WFNNB)
KingSize Direct  (WFNNB)
King Soopers
Kroger
Lacoste
Lane Bryant (WFNNB)
L.L. Bean Visa (Barclay’s)
M & T Bank
Marriott Rewards (FAQ on site)
Marks & Spencer
Maurice’s (WFNNB)
McKinsey Quarterly
MoneyGram
MyPoints Reward Visa
New York & Company
NTB Card (Citi)
One Stop Plus (WFNNB)
PacSun (Pacific Sunwear) (WFNNB)
Palais Royal (WFNNB)
Peebles (WFNNB)
Polo Ralph Lauren
PotteryBarn/PotteryBarnKids (WFNNB)
Quality Food Centers (QFC)
QualityHealth
RadioShack (WFNNB)
Ralphs
Red Roof Inn
Reeds Jewelers (WFNNB)
Ritz-Carlton (FAQ)
Robert Half International
Scottrade
Sears (Citi)
Shell (Citi)
Smile Generation Financial
Smith’s Food & Drug Centers (Smith’s Brands)
Sportsman’s Guide (WFNNB)
Stage (WFNNB)
Stonebridge Life Insurance
Target
Tastefully Simple
TD Ameritrade
The Limited (WFNNB)
The Place (Citi)
TIAA-CREF
TiVo
Trek (WFNNB)
United Retail Group (WFNNB)
US Bank
Value City Furniture (WFNNB)
Verizon
Victoria’s Secret (WFNNB)
Viking River Cruises
Walgreens
Woman Within (WFNNB)
World Financial Network National Bank




For more info:

http://www.databreaches.net/?p=17374

http://www.net-security.org/malware_news.php?id=1696&utm_source=Help+Net+Security+Daily+News&utm_campaign=6de5c5076e-RSS-hns&utm_medium=email

No comments: