14 DAY TRIAL // The Better Business Bureau (BBB) warns that phishing attacks resulting from the data breach at email marketing vendor Epsilon have already started to appear.
Despite resulting in the exposure of only email addresses and names, the Epsilon data breach is considered one of the largest such incidents ever to occur.
At the beginning of this month, Epsilon, one of the largest providers of permission-based email marketing services in the world, announced that hackers broke into its servers and stole customer email lists.
Despite only 2 percent of its client base being affected, that includes 50 of the top financial services, retail, computer manufacturing, and other companies.
Even if not as dangerous as the exposure of Social Security numbers or financial information, the leaking of email addresses coupled with names and known business relationships is the perfect combination for targeted attacks.
The phishing attack seen by BBB targets customers of Chase Bank, one of the companies whose customer email list was stolen from Epsilon.
The emails pose as official communications from the bank and instruct recipients to verify their accounts by clicking on a link and inputting personal and financial information in a form.
"These hackers are looking for you to respond with vital information that can ultimately lead to identity theft. Consumers need to know the red flags in order to keep their identity protected," said Stephen A. Cox, President and CEO of the Council of Better Business Bureaus.
In all fairness, this phishing attack is not unlike those seen before the Epsilon breach, and there is no specific evidence to tie it directly to the unfortunate incident.
However, even if they are unrelated, the fact that customers receive such emails soon after being notified by Chase Bank that their email addresses and names were exposed to hackers, might lend credibility to the scam.