Threat Intelligence Blog

The recent Epsilon breach, which could quite possibly be the largest of its kind, has exposed millions of customer email addresses from many of the nation’s largest companies, including banks and retailers. While we have seen a decrease in spamSPAM: Email or postings containing irrelevant, inappropriate or indiscriminate messages sent to a large number of recipients. LookingGlass Cyber (n) - tons and tons of emails sent out with no relevance to anyone, or anything. phishingPhishing: The use of emails that appear to be from a legitimate, trusted source that are enticed to trick recipients into entering valid credentials including personal information such as passwords or credit card numbers into a fake platform or service. LookingGlass Cyber (n) - tailoring an attack (such as email) to garner trust and credentials that are then used maliciously. The preverbal digital version of the ol' hook and bait. attacks over the last year, data breaches like Epsilon empowers cyber criminals to dispatch millions of fraudulent emails disguised under trusted commercial and financial brands to gain access to personal account information. The significance of this breach is that the data stolen is tied directly to a well know event and can be manipulated to target unsuspecting account holders.

So what does this mean? People are going to be flooded with emails stating that they need to update their security records due to the breach, but how will they know a legitimate email from a fake? Quite simply, criminals can now use this information to contact all the victims of the breach and impersonate Epsilon’s customer service. Unknowing victims could think the email requests are coming from their authorized bank or retailer and may unknowingly click on malicious links, download virusVirus: A hidden, self-replicating piece of code written to have a detrimental effect that is designed to become a part of another program. LookingGlass Cyber (n) - it’s when your computer catches a cold and it may or may not make it. laden attachments, or worse, provide key personal information.

Because these attacks often look legitimate, it’s much easier to fall victim if you are not careful. If something doesn’t seem right, it most likely isn’t. NEVER click on a link or download an attachment if you are not positive it came from a trusted source. Also, never give up your personal information (i.e. passwords, account numbers, etc.) over the phone or via email. Your financial institution or retail provider will never ask you for it through those channels. Taking precautionary steps can potentially save you from being the victim of financial loss or perhaps worse. Making sure you and your employees are properly educated will go a long way in complementing your existing security measures. Anti-virus and other solutions help reduce the chances of becoming a victim, but by no means should be your sole means of protection.

Additional Posts

Hacked WordPress Sites: An Open Letter to WordPress Developers

The content management system WordPress is a fantastic tool. Its ease of use has has helped it ...

Cyber Criminals Adapt As Threat Landscape Changes

If there is one thing we know about criminal activity on the internet, we know it changes ...