Epsilon ripples across the pond

A week after Epsilon confirmed that it had detected an unauthorised entry into its email system, the ripple effect is starting to be felt here in the UK. In fact, this breach is shaping up to be one of the biggest this year, and possibly to date as more victims come out of the shallows!

Unsurprising as the online marketer has some of the biggest US and UK companies on its client list, across different vertical sectors, including Citigroup, JPMorgan, and Target in the US. So far, here in the UK, we’ve learnt that Marks & Spencer and Mothercare customers’ email records have been compromised but it’s still relatively early days.

As Epsilon sends out more than 40 billion email ads annually, there is a strong possibility that you may have received an email similar to this one recently:


There are some that have questioned that, as only the names and email addresses were compromised, what can a hacker actually do with such information?

Correlating the information in the different lists opens up the opportunity for ‘spear-phishing’ campaigns – emails that target specific individuals. To fool the recipient into believing they’re legitimate, they will contain personal details that only an individual familiar, or conducting business, with the victim should know.

Theoretically a Mothercare customer, who regularly shops at M&S, could be attacked by the hacker. Having cross referenced the two lists, the hacker can target them with an email, purporting to come from M&S, offering promotions on its baby-care items if the customer signs up for the service. The customer is deceived, clicks on the link to register and, as part of the process, is asked to provide additional information such as a credit card number. Hey presto – the hacker now has more than just an email address!

On Tuesday (April 5), Intuit – the makers of a US tax refund preparation software – warned its customers about similar phishing campaigns following the Epsilon hack. Interestingly, Intuit is not even an Epsilon client! However, due to the timing of the Epsilon hack, Intuit believes that hackers will initially use these lists to aim at US citizens scurrying to meet the April 15th tax rebate deadline.

Here in the UK, phishing emails purporting to be from HMRC are often circulating and, in fact, our research labs have shown that tax scams this year are on the rise. How do these tax scammers operate?

SHARETweet about this on TwitterShare on LinkedInShare on FacebookShare on Google+Pin on PinterestDigg thisShare on RedditShare on TumblrShare on StumbleUponEmail this to someone

Amichai Shulman is Co-Founder and CTO of Imperva, where he heads Imperva's internationally recognised research organisation focused on security and compliance. Prior to Imperva, Amichai was founder and CTO of Edvice Security Services, a consulting group that provided application and database security services to major financial institutions, including Web and database penetration testing and security strategy, design and implementation. Amichai served in the Israel Defense Forces, where he led a team that identified new computer attack and defense techniques. He has B.Sc and Masters Degrees in Computer Science from the Technion, Israel Institute of Technology.