By now everyone’s probably heard about the data breach at Epsilon … which resulted in a lot of major eCommerce vendors customers mailing list getting stolen.
Personally, I’ve gotten notifications from Chase, Walgreen, Tivo, Best Buy, 1-800-Flowers, and a few others … informing me of the breach and assuring me that no critical information was stolen … just my email address.
What do you do now?
Well, nothing out of the ordinary … nothing that you shouldn’t have been doing before.
First, and foremost, there’s nothing you can really do … the data has been stolen. The crooks have it.
Secondly, so the crooks have your email address … So do hundreds of other spammers. The amount of spam you’re going to get might increase a little bit. I doubt anyone will notice it.
As for what you should do about the Epsilon breach … Nothing you shouldn’t have already been doing.
- Always look at email from an online vendor with a critical eye. Assume it’s fraudulent until proven otherwise.
- Keep in mind that no reputable online vendor is going to send you an unsolicited email asking you to reset your password or ask you to send account information via return mail.
- If you do get an email from an online vendor you use, and click on a link in the email, triple check the URL you land on. Chase bank isn’t going to send you to “chase-password-reset.com” to reset your password.
- If you have any question about the content of an email that appears to be from a vendor, don’t click on the email link. Open your browser and type the domain name of the vendor directly in the address bar. That way you’re assured of landing on the correct site.
- No vendor will ever send you a program that needs to be installed in order to access their site.
- Never reply to an email offering you a percentage of some huge amount of money in return for your services facilitating the transfer of funds.
- There is no Nigerian prince who needs to your help to get the funds, random email lottery, or package you aren’t expecting being held at DHL / UPS / FedEx.
- If it sounds too good to be true, it IS.
The long & short of it is: Assume that anyone sending you email is trying to steal your wallet … until proven otherwise.