About six months ago, we wrote a piece entitled, “Protecting Your Bank Account,” which warned of the threat of a major data breach impacting online banking. Late last week, the threat became reality. Email marketing company, Epsilon, reported its computers, which hosts email addresses and customer names from many major banks (Citi, JPMorgan Chase, Capital One) and other fortune 500 companies, had been attacked by hackers. They stole an unknown number of email addresses and customer names which could potentially lead to a significant number of phishing attacks. This occurs when a sender fictitiously poses as a known sender such as Chase Bank and requests that the recipient (you) provide personal information such as your bank account number. While phishing attacks are the most likely result of this data breach, there could be more damaging results if necessary precautions aren’t taken.
I’ve never heard of Epsilon. They have my email address?
You might be wondering how a company that you’ve never heard of has your email address and name. When you sign-up for a bank account or register as a new customer at a store or online service, there is sometimes a check box for receiving discounted partner offers. If you check this box, your email information will likely be sent to a 3rd party that manages the email marketing for these partner programs. If you don’t wish to receive these offers or provide your email address to these third parties, you should reset your account settings by notifying the business immediately.
Don’t they just have my email address & name?
This is true; the hackers likely just have your email address, name, and your bank or favorite store. But, that information might be enough for a hacker to get into your bank account if precautions aren’t taken. Let’s suppose you signup for a web-based service or social network with a username, password or email address that is also used for your online banking. The hackers could use your name and email address to potentially get your password and other information from this web-based service or social network by sending emails to customer service and posing as you.
In addition, many people create passwords based on something personal or memorable such as a combination of a parent or child’s birthday or a combination thereof. This information is easily accessible in the public records and thus is highly predictable, especially for sophisticated hackers.
What should I do to protect my bank account?
We suggest you start to get secure today by setting up a unique username, password & email addresses for your online banking. Make sure your username and password is completely random. Even if you forget your password and have to frequently reset it, it is better than leaving your personal and banking information at risk.
In addition, frequently monitor your bank account and set alerts at various account balances. This will make it easy and quick to identify unauthorized transactions that may have taken place.
More Banking Questions? Ask Finance Experts Online
Related Articles
->Protecting Your Bank Account
->My neighbor was the victim of identity theft. How can I avoid it?