You probably have received several alerts from various vendors already about your email being compromised in the Epsilon breach. I know I have received 3 so far which speaks to the magnitude of the breach. Epsilon is currently stating about 2% of their customers. They send out about 40 Billion emails annually for about 2500 customers.
Some of the big banks affected include Citi, Chase, US Bank and Capital One. While no account numbers, ssns or other NPI was exposed it still is a major advantage for phishers because it allows a more personal, detailed and customized attack which increases the rate of success. Of course none of this is a problem if customers simply never respond to any of these emails no matter how legitimate they look. Still we know that a small percentage will and this is what the hackers count on. It is all a game about percentages and having the name or other small bits of information to make the phishing email more legitimate looking which increases the success rate.
For banks, phising attacks become a race against time. From the time they become aware of a phising attack they go to work to let the customers know about the attack and to work with authorities and Internet providers to get the phising sites taken down. This is not as easy as you may think, since these sites may be multiple and are often setup in countries where there are language and response barriers. Meanwhile every day or hour the site stays up the hackers benefit.
So the banks will likely be busy with the new barrage of attacks coming up. Just be sure to remember the security basics to protect yourself.
No comments:
Post a Comment