Wednesday, January 22, 2014

Did you get an email from Target?

Are you one of the roughly 70 million people who got an email from Target last week about the store's mega security breach? If so, be careful.

Target did indeed do a blast to customers to offer one year of free credit monitoring. The problem is scammers are also on the prowl and are sending out similar emails.

Target even says it has identified and stopped at least 12 scams preying on consumers via email, Facebook and other outlets.

The Target emails went to customers whose personal information was in the Target database. Cyber thieves penetrated the records during the holiday shopping season breach discovered last month and stole info like names, phone numbers and email addresses. The full extent of the hacking is still under investigation.

In the meantime, here's what to do if you see an email from Target pop up in your inbox.

If you've already opened the email: Target has posted a copy of the email it sent out online. So go here to make sure the email you opened, the address it came from, and the link you clicked all matches up.

If it doesn't match, and especially if you clicked a link to an external website and entered personal information, you need to take action quickly.

First, get a copy of your credit report, check your bank and credit card activity on a daily basis and call the credit reporting agencies to tell them what happened. You can ask to have a fraud alert placed on your account, meaning it will be flagged to lenders if someone attempts to open credit in your name.

If you're really worried, you can request a credit freeze, which prohibits any credit from being extended under your name. But that's a big step because you will have to go through the process of undoing this whenever you need credit again.

If you entered a credit card or debit card number, reach out to those institutions to warn them of potential fraud as well.

If you haven't opened the email: To avoid any chance of a virus or of falling prey to a potential scam, it is  recommended to go directly to Target's website to view the letter you believe has landed in your inbox -- since even opening a fraudulent email could lead malware to be installed on your computer. And if you do open the email, don't click on any links.

All other correspondence from Target can be found here. The retailer emphasizes that it will never email a consumer and ask for personal information like a Social Security number or credit card information.

But it's not just emails claiming to be from Target that customers need to worry about.

If your personal information was compromised in the breach, that means scammers could contact you pretending to be anyone -- like another retailer.

Monday, January 13, 2014

What You May Need to Know about Your Smart TVs & Phones

Smart appliances may be too smart for our own good!

Take smart TVs, for instance. As this article illustrates, some of these new appliances are particularly vulnerable to hackers. Once compromised, the TVs allow access to account information, including login credentials (which owners may use for access to more than just their smart-TV account). Even scarier, hackers could gain access to front-facing cameras to see everything happening in the room where the TV is connected. Instead of you watching your favorite program, criminals may be watching you!   

As many people get new smartphones for holiday gifts, they will be tempted to sell their old devices. If you're one of them, keep this story, reported by a Virginia ABC affiliate, in mind.
McAfee online security expert Robert Siciliano did a little experiment; he purchased 30 different devices from craigslist, including laptops, notebooks, iPads and smartphones. "I asked every single person if they re-installed the operating system or reformatted the drive, and they all said yes," Siciliano said. "On more than half of the devices, I found enough information to steal identities or, in some cases, even get people into trouble." 
The takeaway? Be mindful that erasing your personal data from your devices requires more than a delete button.

Here's a good resource  for learning how to sufficiently wipe your smartphones, tablets, computers and more before handing them off to a stranger. 

Saturday, January 11, 2014

Reminder: To Whom are You Really Emailing?

Confirm the email address before you hit send!

Nowadays, it's not uncommon for people to have multiple email addresses. Some people even belong to group email accounts in which an email sent to one address is actually received and potentially read by multiple people.

Before you hit send, be sure you know exactly where your email message is headed. Even when you're replying or forwarding, take the extra moment to hover your mouse over the address in the "To" field to be sure it's going to the intended address.

If you find yourself making this mistake often, consider changing email clients. Gmail, for instance, is notorious for allowing this recipient confusion. Gmail users should also be aware that Google has copies of and access to all email sent using its system. Mr. Snowden provided some proof of that.

Businesses especially should always use a proprietary domain for their email (not Gmail, Yahoo, etc., and certainly not a social email address, like those from Facebook). Business owners should always ensure their email provider follows good security practices (e.g., not storing any email on their servers after it is delivered to the client destination).