Hacked Off by an Email Data Breach?

According to news reports, hackers recently accessed the database of Epsilon, a large marketing company that sends emails on behalf of banks, stores and other businesses.  Was your company an Epsilon client?  If so, the stolen information could make it easier for crooks to send emails that appear to be from your brand.

Here are a few things you can do to help your customers avoid a phishing attack that abuses your brand.

Many companies have already sent a message to customers letting them know about the breach.  If you haven’t, remind your customers that they shouldn’t respond if they get an email asking for sensitive information like a credit card number or Social Security number — even if it appears to be from your company.  Responsible businesses don’t ask for sensitive information in unsolicited email.

Tell your customers how to get in touch with your customer service staff, in case they want to confirm that a future message is legit.  Is the best method to use the contact information on their billing statement?

Finally, post information about the breach on your website, so your customers can find it if they receive phishing messages targeting your brand.  You can include a link to the information about phishing scams at OnGuardOnline.gov/phishing.

 

Add new comment

Comment Policy

Please enter a username. Don't use your email address.

Privacy Act Statement

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system (PDF), and user names also are part of the FTC’s computer user records system (PDF). We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.