Assuming that the Epsilon fiasco will lead to some sort of phishing epidemic, I’ve already posted an Epsilon resources blog at AVIEN, but as phishing is well within the current remit of this blog, I’ve also included a quick summary below. The links include articles offering advice, listing companies affected and so forth. If you’re only interested in a specific type of article, the AVIEN blog has more detail on some of the articles: the list here is in no particular order.
Perhaps the most ironic aspect of the incident is that while the media is waiting for a dramatic spear-phishing incident, the most notable symptom right now is the sheer volume of emails from customers of Epsilon warning their own customers about the compromising of their email addresses.
- http://blog.eset.com/2011/04/07/phishphloods-not-all-phishing-is-spear-phishing
- http://www.smh.com.au/technology/security/dell-australia-customer-details-stolen-in-major-global-data-breach-20110407-1d4yd.html
- http://www.databreaches.net/?p=17374
- http://nakedsecurity.sophos.com/2011/04/04/epsilon-email-address-megaleak-hands-customers-customers-to-spammers/
- http://www.scmagazineuk.com/epsilon-confirms-that-no-financial-data-was-breached-as-it-admits-that-the-potential-loss-of-clients-is-its-greatest-risk/article/200122/
- http://www.scmagazineuk.com/if-your-outsourced-data-is-breached-where-does-the-responsibility-lie/article/200123/
- http://krebsonsecurity.com/2011/04/epsilon-breach-raises-specter-of-spear-phishing/
- http://krebsonsecurity.com/2011/04/after-epsilon-avoiding-phishing-scams-malware/
- http://blog.eset.com/2011/04/04/how-to-avoid-a-phishing-attack
- http://blog.eset.com/2011/04/04/information-wants-to-be-free-so-epsilon-thinks
- http://threatpost.com/en_us/blogs/list-companies-hit-epsilon-breach-040511
- http://anti-virus-rants.blogspot.com/2011/04/why-epsilon-breach-shouldnt-be-issue.html
David Harley CITP FBCS CISSP
Small Blue-Green World
ESET Senior Research Fellow
[…] Links and a little extra irony from me: https://chainmailcheck.wordpress.com/2011/04/07/epsilon-epidemic/ […]
By: Status Epsilon-icus* « The AVIEN Blog on April 7, 2011
at 3:41 pm
[…] Epsilon Epidemic (chainmailcheck.wordpress.com) April 7th, 2011 | Tags: Better Business Bureau, Data breach, Email address, Email marketing, Epsilon, JPMorgan Chase, Phishing, Social Security number | Category: Uncategorized […]
By: The first post-Epsilon phishing emails have been spotted « Precise Payment Solutions on April 7, 2011
at 9:17 pm