Email phishing attacks
UD email users may see more phishing incidents, IT officials warn
12:25 p.m., April 5, 2011--Last week’s data security breach at Epsilon, the world's largest permission-based email service, may have some indirect effects on University of Delaware email users, UD IT officials warn.
This incident will have no direct effect on your UD email account; however, you may see more spam and phishing email.
FYI Stories
June 6: UDid It! Picnic
2FA protects you
According to Security Week and MSNBC, email addresses for customers of the following companies were exposed:
- Target
- Red Roof Inn
- 1800Flowers.com
- TiVo
- Ameriprise Financial
- US Bank
- JPMorgan Chase
- Capital One
- Barclays Bank of Delaware
- McKinsey & Company
- Marriott Rewards
- Ritz-Carlton Rewards
- New York & Company
- Best Buy
- Walgreens
- LL Bean
- Kroger
- Home Shopping Network (HSN)
- Disney Destinations
- Robert Half Technologies
- The College Board.
In addition, some members of the UD community report that they have received warnings about the breach from other companies, notably Verizon and TIAA-CREF.
If you are a customer who has registered an email address with any of these companies, be on the lookout for an increase in spam and “phishing scams” in your email.
Can you tell the difference between a phishing scam and a legitimate warning notice about this breach? First, the legitimate notices do not include a link for you to confirm your account. Second, no legitimate organization will ever ask you reply to email with personal information. The warning sent by JP Morgan Chase provides a good summary:
- Don't [send] your User ID or password in email.
- Don't respond to e-mail that requires you to enter personal information directly into the e-mail.
- Don't respond to e-mail threatening to close your account if you do not take the immediate action of providing personal information.
- Don't reply to e-mail asking you to send personal information.
- Don't use your e-mail address as a login ID or password.
(Source: Patricia O. Baker, senior vice president, JP Morgan Chase; “Please read important message about your email address,” email sent April 4, 2011.)
For more information, contact the company with whom you have registered an email address or see IT’s advice about avoiding phishing scams. To report a problem or concern, contact UD’s IT Support Center.