Epsilon: Be Wary of Phishing Attempts

Monday, April 18, 2011

Rod MacPherson


Epsilon: Be wary of Phishing attempts coming from legitimate looking e-mails 

I know Epsilon is starting to become old news around here, but...

  • We all subscribe to e-mail newsletters in some form or another.
  • We all get those deal of the day e-mails telling us the latest deals at our favorite retailers or Air Miles updates with links back to the Air Miles site and vacation deals.
  • We all need to be a lot more careful.

Last month Epsilon, a marketing firm that deals with many of the retailers we all know and trust was hacked.

At first it was downplayed as not important because the hackers only got names and e-mail addresses.

No credit Card data was ever stored by Epsilon on the systems that were breached, and in fact they would not have that info in most cases because they are just the guys who send out those e-mail newsletters on behalf of retailers and banks.

Not long after, people started to realize the implications of this breach, but the problem is even the tech press never really got the point across very well, and it was usually ignored by readers because the news sites only ever listed a handful of companies that were affected.

Most people reading about the breach are probably thinking, "I don't deal with those companies, I'm ok" looking at the short list of 3-4 examples in most news stories about it, or "so they got my e-mail address who cares, I get spam all the time".

The issue is they got e-mail addresses, and names linked to retailers and banks that you DO deal with and that you are already used to getting e-mails from... e-mails that already link to a 3rd party, that takes stats then forwards you to the retailer's website.

So you are used to seeing links in these e-mails pointing to somewhere other than the official website, but eventually taking you there.

This is prime data for a wide spread, and likely to be highly successful, Phishing expedition.

They send you an e-mail that looks like every Sears ad you've gotten on a monthly basis for years, it has a great bargain on BBQs... You think "It's spring, I should probably check out this deal on BBQs" and you click it.

It takes you to what looks like a Sears website (and yes they can be VERY convincing) but it is not. It is a fake Sears website that they set up just for the purpose of collecting more info about these people that they already know are Sears customers...

Maybe you will attempt to order that BBQ and they will get your credit card, and you won't know it till it is way too late.

The other scam that they are running is a fake Epsilon breach news update site (copied from the actual press release site) that offers up a downloadable tool that they tell you to run to see if the hackers have your e-mail address... That tool is a Trojan!

So do they have your e-mail address? Probably. Do you get regular e-mails from any of these companies?

Abercrombie & Fitch (WFNNB)
AIR MILES Reward Program (Canada)
Ann Taylor (WFNNB)
AshleyStewart (WFNNB)
Avenue (WFNNB)
Barclays Bank of Delaware
Bealls (WFNNB)
Best Buy
Best Buy Canada Reward Zone
Benefit Cosmetics (see below)
BJ’s Visa (Barclays Bank of Delaware)
Capital One
Catherine’s (WFNNB)
Chadwick’s (WFNNB)
Charter Communications
City Market
College Board
Crate & Barrel (WFNNB)
David’s Bridal
Dell Australia
Disney Destinations (The Walt Disney Travel Company)
Domestications (WFNNB)
Dressbarn (WFNNB)
Eddie Bauer Friends
Eileen Fisher (doesn’t name Epsilon but same template letter)
Ethan Allen
Eurosport Soccer (Soccer.com)
Express card (WFNNB)
ExxonMobil Card (Citi)
Fashion Bug (WFNNB)
Food 4 Less
Fred Meyer
Gander Mountain (WFNNB)
Giant Eagle Fuelperks! (WFNNB)
GlaxoSmithKline Consumer Healthcare (GSK)
Goody’s (WFNNB)
Hilton Honors
Home Depot Card (Citi)
Home Shopping Network (HSN)
J Crew (WFNNB)
Jay C
Jessica London (WFNNB)
JPMorgan Chase
Justice (WFNNB)
KingSize Direct  (WFNNB)
King Soopers
Lane Bryant (WFNNB)
L.L. Bean Visa (Barclay’s)
M & T Bank
Marriott Rewards (FAQ on site)
Marks & Spencer
Maurice’s (WFNNB)
McKinsey Quarterly
MyPoints Reward Visa
New York & Company
NTB Card (Citi)
One Stop Plus (WFNNB)
PacSun (Pacific Sunwear) (WFNNB)
Palais Royal (WFNNB)
Peebles (WFNNB)
Polo Ralph Lauren
PotteryBarn/PotteryBarnKids (WFNNB)
Quality Food Centers (QFC)
RadioShack (WFNNB)
Red Roof Inn
Reeds Jewelers (WFNNB)
Ritz-Carlton (FAQ)
Robert Half International
Sears (Citi)
Shell (Citi)
Smile Generation Financial
Smith’s Food & Drug Centers (Smith’s Brands)
Sportsman’s Guide (WFNNB)
Stage (WFNNB)
Stonebridge Life Insurance
Tastefully Simple
TD Ameritrade
The Limited (WFNNB)
The Place (Citi)
Trek (WFNNB)
United Retail Group (WFNNB)
US Bank
Value City Furniture (WFNNB)
Victoria’s Secret (WFNNB)
Viking River Cruises
Woman Within (WFNNB)
World Financial Network National Bank

Cross-posted from Rod's Tech

Possibly Related Articles:
Email Phishing scams malware breach Epsilon
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.