« Private users need be wary of using Facebook Questions | Main | Amazon sells cheaper Kindle with advertisements »

What to do if your e-mail was exposed in Epsilon breach

E-mail subscribers whose accounts were listed with dozens of companies hacked over the weekend should keep a watchful eye for scams. Even if you didn’t get a letter about your e-mail being involved in the recent breach, don't assume you're safe. These attacks can happen to anyone.

Don't click on any links from corporation e-mails, or e-mails from strangers. Open a fresh browser and go to the website by typing the address yourself. 

"If you are suspicious of an e-mail, go directly to the website. Don’t follow the links," said McAfee spokesman Joris Evers. "There’s no time you should really be clicking. It could always be a scam."

Suspicious e-mails are those that ask you to log into an account to confirm something, such as an order you've made or delivery of a package. Hackers prey on your panic that if you don't sign in, something will get canceled or that your account as been hacked. Think before you click.

Don't call any phone number listed in an e-mail. Go to the company's website and find it yourself. Hackers will use a false phone number with actors to make the scam more believable.

Don't think you’re savvy enough to know the difference between the real and fake e-mails and websites. It can be very difficult to detect the differences -- and especially difficult to notice a scam if reading an e-mail or website from a smartphone. "It's too easy to spoof it," said Marian Merritt, Internet safety advocate with Norton. Security software that's kept up to date can help detect bogus websites.

Even be wary of fake copy-cat consumer alerts about the Epsilon e-mail breach. "You will see more consumer alert e-mails going out," Merritt said. "I have additional concerns that the regular spammers out there will craft fake alert e-mails."

Right now, hackers only have e-mail address lists. But it's good practice to keep passwords for e-mail accounts different and hard to crack. The e-mail account is the portal to access all of a user's online accounts, because anyone can reset a "forgotten" password using an e-mail account.

So far, the following e-mail newsletter lists were breached:

  • Amazon.com's AbeBooks subsidiary
  • Ameriprise Financial
  • Barclays Bank, affects U.S. customers of Barclaycard 
  • Best Buy
  • Capital One
  • Customers of Citi's North American credit card businesses
  • The College Board
  • Ethan Allen Interiors
  • Hilton Worldwide
  • HSN (Home Shopping Network)
  • JPMorgan Chase
  • Kroger
  • Marriott International
  • McKinsey Quarterly magazine 
  • New York & Co.
  • Target
  • TiVo 
  • U.S. Bancorp
  • Walgreens
  • Disney Destinations


TrackBack URL for this entry:

Listed below are links to weblogs that reference What to do if your e-mail was exposed in Epsilon breach:


Feed You can follow this conversation by subscribing to the comment feed for this post.

Jeff Zelaya

If you are looking for a well known, secure and respectable company to do your online marketing - then take a closer look at MediaWhiz - http://www.MediaWhiz.com - or contact me and I'll be glad to help you.


I got an e-mail from my bank saying there was suspicious activity on my account, but I knew it was just my wife out shopping!

The comments to this entry are closed.

Terms of Service | Privacy Policy | Copyright | About The Miami Herald | Advertise