Beware of possible Phishing scam (April 8th, 2011)|
Epsilon, the world’s largest distributor of permission-based email, disclosed that email addresses provided by
its clients were exposed in an attack on the company’s email system. The company disclosed that only email
addresses were compromised. The compromise could lead to phishing attacks launched against the clients’ customers.
Epsilon has over 2500 clients worldwide for whom it sends over 40 billion emails annually. The number of email
addresses compromised is not known at this time. Additionally, the company has not released a list of clients who
were impacted; however, various online news reports indicated that some affected clients are in the financial
services industry and include JP Morgan Chase, Citigroup, and Capital One. These institutions have alerted their
clients of the breach and to be cautious of phishing emails. Other organizations impacted include major retailers
such as Best Buy, Walgreens and Kroger.
Although Epsilon stated that no personal identifiable information was at risk, the customers of Epsilon clients
who were impacted could be at risk for phishing attacks. In a phishing scam, fraudsters send fraudulent emails
targeting a specific organization. In the Epsilon breach, the fraudsters could easily craft their email messages
to make it appear as though they are sent by the recipient’s financial institution or trusted retailer. The
fraudsters will attempt to collect personal and/or financial information by sending attachments infected with
software for stealing passwords, or by including a link in the email to a with a request to provide personal
and/or financial information.
Champion Credit Union will never ask for personal or financial information via email. Please be cautious and
aware and do not provide this information to anyone, even if the email or site appears legitimate, via email.