I’m certain everyone reading this has received and clicked on an email scam, Facebook post or some other kind of scam that seemed to be legit. It is an attack called phishing and it can be really tough to detect the really good ones. Many times when an organized crime syndicate compromises a database of users it is with the intent to send them phishing emails to scam them. For instance when Monster.com was compromised, a job posting and seeking website, the users would recieve emails indicating that they had been selected for a job but had to fill out a “prescreen” survey due to the large number of applicants. The eager and in most cases recently laid off applicants would rush to send in the application which included personal information that was giving the scammers enough information to create virtual identities and get to work.
Below is a story that just happened within the past couple of weeks. If you own a Honda you will want to read this article and be cautious if you receive what seems like legit emails or phone calls. Educating your users and implementing prevention measures like content and spam filters are the most effective ways to reduce the likelihood that this could happen to someone in your organization or circle of friends.
–Honda Customer Database Security Breach
(December 29, 30 & 31, 2010)
Honda Motor Company is warning millions of its customers that intruders
have gained access to their email addresses, probably through an attack
on Silverpop Systems, a third-party marketing services provider. The
breach appears to affect two million Honda owners and three million
Acura owners and also includes names and vehicle identification numbers.
The compromised information could be used in phishing attacks.
- Honda’s Customer Database breached – millions of email addresses and VIN numbers leaked (gansec.com)
- Honda Warns 4.9 Honda and Acura Owners That Their Emails Were Compromised (spectrum.ieee.org)