Data Theft Expected to Lead to Targeted Phishing

You'd pretty much have to not be part of the digital age to not have been affected by this weekend's news that Epsilon, an email marketing firm was compromised, and that mailing lists from well known companies like Tivo, JP Morgan Chase, Capital One, Best Buy and others were stolen. While only names and email addresses were in the stolen data, there's already predictions that this stolen information will lead to targeted phishing attacks looking for more personal information that could be used for more harmful dangerous activities like identity theft.

So no surprise, be wary of emails from the organizations you know have been compromised in this attack, and don't send out any personal information, especially not over email, and not on websites that you haven't verified (by checking to make sure it's not an obfuscated URL, e.g. bestbuy.xyz.com instead of bestbuy.com), and checking the SSL certificate you're getting on the site (when connecting over HTTPS, which you should be if before you give out any sensitive information) to make sure it's really from the site you're going to and verified by a CA (certificate authority).

If all that's too much to remember, then also make sure you're using a secure web gateway or proxy, that identifies and blocks phishing sites, especially one that can do this real time as new sites come online.