ALL >> Computers >> View Article
Cybercriminals Steals Verified Active Email Addresses To Target With Spam And Phishing Attacks

In an effort to enhance online security and privacy, the Obama administration has proposed Americans obtain a single ID for all Internet sales and banking activity. But a new Rasmussen Reports poll finds most Americans want nothing to do with such an ID if the government is the one to issue it and hold the information.
Common security issues such as using one password for personal and business accounts, not having at least two-factor authentication for access into important databases, and utilizing work e-mail in transactions with banks and other businesses can lead to phishing attacks and ultimately data theft.
The Rasmussen Reports survey shows that just 13% of American Adults favor the issuing of a secure government credential to replace all traditional password protection systems for online sales and banking activities. Sixty percent (60%) oppose such a credential. Twenty-seven percent (27%) are not sure. Only eight percent (8%) of Americans would be willing to submit their personal financial and purchasing information to the government or a government contractor to receive a secure government credential for ...
... online transactions. Seventy-six percent (76%) would not be willing to submit this information for that purpose. Sixteen percent (16%) are undecided.
“If a criminal finds your e-mail address and it is at a county government, they now know where you work and then can go on the Internet and find businesses that you work with to craft a really targeted phishing message,” said Steve Dispensa, chief technology officer and co-founder of PhoneFactor Inc., a provider of phone-based, two-factor authentication services.
In addition, government employees and users that may be affected by the Epsilon breach might not be receiving the warning messages that individual companies that have utilized Epsilon are sending to customers. So people may think they are not at risk for any increased phishing activities, when in fact they are.
Security experts are warning users to brace for a tidal wave of more precise spear phishing attacks because of Epsilon’s data breach incident. Epsilon is responsible for sending more than 40 billion marketing emails per year on behalf of its 2500-plus customers. These emails are not spam in the Rustock botnet sense of the word. These email messages are marketing and customer communication emails from major clients such as JP Morgan Chase, Capital One, CitiGroup, and others.
The primary risk is that the attackers now have a list of millions of verified active email addresses to target with spam and phishing attacks. If the attackers were able to get not just the email address, but also its affiliation with one of Epsilon's customers, it will yield much more precise spear phishing attacks. Phishing is like casting a net. Spear phishing is narrowed down to a specific domain or company. But, these attacks would be to known email addresses that are also known to have a relationship with the company.
According to Joseph Wulffenstein, division chair of quantitative studies and department chair of management information systems at Northwood University in Midland, Mich., many municipal governments outsource their e-mail services to outside organizations. These organizations could have used Epsilon for marketing purposes, further exposing educational and governmental employees. “What I noticed is that people working in smaller municipalities and local governments rely on their IT staff to worry about [network security] for them,” Wulffenstein said. “And staff seldom has any training sessions with the users to show them the things they need to be aware of.”
Hiring adequately trained IT personnel focused on network security would go a long way to minimize security threats. Organizations need to enforce robust information security initiatives, including having a proficiently skilled IT security workforce, in order to prevent cyber attacks and minimize security breaches. Information security professionals can increase their IT security knowledge and skills by embarking on advanced and highly technical training programs. EC-Council has launched the Center of Advanced Security Training (CAST), to address the deficiency of technically proficient information security professionals.
CAST will provide advanced technical security training covering topics such as Advanced Penetration Testing, Digital Mobile Forensics, Advanced Application Security, Advanced Network Defense, and Cryptography, among others. These highly sought after and lab intensive information security training courses will be offered at all EC-Council hosted conferences and events, and through specially selected authorized training centers.
About EC-COUNCIL
EC-Council is a member-based organization that certifies individuals in various e-business and security skills. It is the owner and developer of the world famous Certified Ethical Hacker (CEH) course, Computer Hacking Forensics Investigator (CHFI) program, License Penetration Tester (LPT) program and various other information security training programs offered in over 70 countries around the globe. EC-Council has trained over 80,000 individuals in technical security training and certified more than 38,000 security professionals. EC-Council has launched the Center of Advanced Security Training (CAST), to address the deficiency in the lack of highly technically skilled information security professionals.
Add Comment
Computers Articles
1. Web Scraping Quick-commerce Data From Careem Quik UaeAuthor: FoodDataScrape
2. Computer System Designer For High-performance Gaming Pcs
Author: Jack Williams
3. Extract Frozen Pizza Trends Data For 2025 To Stay Ahead
Author: FoodDataScrape
4. Rugtek Printers: Smart Printing For Retail Stores
Author: prime pos
5. Extract Quick Commerce Data Deliveroo Hop In Uk For Competitive Advantage
Author: FoodDataScrape
6. Extract Grocery Product Details Data From Kibsons Uae
Author: FoodDataScrape
7. Scrape Quick-commerce Product Data From Uber Eats Usa
Author: FoodDataScrape
8. Web Scraping Grocery Product Data From Postmates Usa
Author: FoodDataScrape
9. Breaking Down Barriers: How Ai Avatars Are Democratizing Global Video Content
Author: Deron William
10. Leverage Web Scraping Grocery Trends For Holidays Season
Author: FoodDataScrape
11. Find Best Barcode Printer Dealers In Hyderabad
Author: prime poskart
12. Cloud Computing Companies In India | Cloud Storage Providers In India | Sathya Technosoft
Author: Sathya Technosoft
13. Scrape Midnight Restaurant Offers During Navratri – Data Insights
Author: FoodDataScrape
14. City-wise Navratri Food Offer Scraper For Zomato & Swiggy
Author: FoodDataScrape
15. Scrape Grocery Basket Trends For Navratri 2025 – Shopper Insights
Author: FoodDataScrape