As consumers become less and less responsive to email marketing campaigns from large companies, these companies, in turn, are outsourcing their online marketing efforts to 3rd party specialists.
Epsilon is one such 3rd party firm that handles email marketing for big corporations. In fact, it’s the biggest marketing services provider in the world. It reportedly sends over 40 billion emails a year and has over 2500 clients, including Kroger, TiVo, Walgreens, JP Morgan Chase, Capital One, Citi, and Target.
With such high-profile clients and so much consumer data, Epsilon has piqued the interest of cybercriminals who can profit from it, and on March 30th, it sustained a significant attack. A breach took place at Epsilon that, at worst, compromised all of its’ clients’ mailing lists, and, at best, put them all at risk of being compromised.
According to Epsilon, however, only a subset of their clients’ customer information was exposed. It claims that the breach affected just 2% of its clients and that only email addresses and client names were obtained. But even if that’s the extent of the damage, the breach could lead to a number of harmful attacks.
Phishing attacks are especially likely given the nature of the information that is now in cybercriminals’ hands. Just with client names and email addresses, cybercriminals are capable of launching targeted phishing attacks that are likely to dupe hordes of unsuspecting PC users.
Epsilon’s clients have warned their customers about the breach, but the importance of being cautious in these situations can’t be overstated. To avoid being a victim, always be suspicious of any emails you receive from companies, even if they look legit. Make sure to inspect emails very carefully before you submit any kind of information. Sadly, it’s often the most trusting people who end up getting scammed.