Just days after millions of customers' email addresses were stolen in one of the largest data breaches in history, the Better Business Bureau is seeing one of the first Epsilon data breach phishing scams.
Phishing, a popular emailing scam, is a term coined by computer hackers who use email to fish the Internet hoping to hook you into giving them your logins, passwords and/or credit card information. If you are a customer of one of the companies that had email data stolen, BBB is warning you to be on the lookout for phishing emails.
Typical phishing scammers pose as reputable companies to fraudulently obtain your personal information. In this case, the BBB is now seeing emails being sent from a fake 'Chase Bank,' one of the companies whose data was compromised. Following suit, the email warns that ‘your account’ will be deactivated or deleted if you do not update your profile immediately. The email instructs you to update your account by clicking on the link provided.
“These hackers are looking for you to respond with vital information that can ultimately lead to identity theft,” said Don MacKinnon, President and CEO of the Better Business Bureaus serving the Maritime Provinces. “Consumers need to know the red flags in order to keep their identity protected.”
BBB advises consumers that there could be other phishing emails shooting through cyberspace and to do the following if they suspect they have fallen victim to a phishing scam.
Never reply to the email. If the message includes a link within it, never click it. Many schemers use this as way to spread a viral attack on your computer.
Do not give personal or financial information to anyone who contacts you via email. Even if they claim they are from your bank, Canada Revenue Agency or a law enforcement agency, these businesses will not contact you via email; they will send you a letter.
Spread the word. Discuss phishing scams with all the members of your family who have email addresses. Young people are very computer savvy, but may not be scam savvy, and older adults are specifically targeted by scammers because they are often very trusting.
Transmitted information should be encrypted. When sending personal information like addresses, credit card numbers and Social Insurance numbers over the Internet, make sure the website is fully encrypted and the network is secure. Look for https (the “s” stands for secure) at the beginning of the URL address to confirm its security.
Know the red flags. Watch out for grammatical mistakes in emails. Poor grammar or misspelled words are red flags that the email is probably a scam. Most importantly, never wire money based on instructions in one of these suspicious emails. Scammers prey on those who think they need to wire money to have a situation resolved.
Protect your computer. Keep your anti-virus software up-to-date and run it regularly.
A sample of the fraudulent email claiming to be from Chase Online Banking follows: