Millions of email addresses were recently exposed and likely stolen from an online marketing company that does business with hundreds of the top retailers. If you've ever done business online with Best Buy, Target, Capital One, Walgreen, JP Morgan Chase, or Kroger (to name a few), then there's a good chance your email address has wound up in the wrong hands.
What does it mean? It means you should distrust any email claiming to be from these companies that in turn tries to lure you into logging into your online account. Unfortunately, you just have to assume that email is nothing more than a con job. It DOES NOT MATTER that the email "looks" legitimate. It can have all of the right logos and look absolutely like the real deal --- and still be a complete fake. Links included in the email will take you to a website that also looks legitimate but is nothing more than a false front to steal your login name and password, which the e-crooks then use to hack into your real account.
This is referred to as a "phishing" scheme. And this latest data breach is particularly troubling because the e-crooks could have obtained additional information that allows them to do an even more effective job at trying to fool you with the fake emails. The email could include an account number, a recent purchase, or other detail that's personal to you. Again, all designed to lure you in and fake you out.
These fake emails and phishing schemes have reached such an epidemic that we suggest you never open any link inside an email claiming to be from a company. In addition to leading you to a fake website, the link could also lead you to a poisoned website that will pass down a spyware infection to your PC, sometimes totally without your knowledge if your PC is missing key security patches.
It's better safe than sorry. Don't click on the link inside the email. Open your browser and go directly to the company website and then login as usual.
Link to related story posted on ABC News website: