A few weeks ago we closed on our new house in Dublin. This weekend we’re going to one of those ‘home shows’ where people try and sell you all sorts of things for your home. We know there are some things we want to do with the house so we’re headed out to the convention centre this weekend. Tickets are “free” but they ask for contact information, including an...
Equifax compromise and their insecure response
Today it was announced that someone infiltrated Equifax earlier this year and stole 143,000,000 identities. These identities include names, birthdates, and addresses, at a minimum. Details are available at your favorite news site. What I want to talk about is the website they’ve put up to address the issue. This website is Yet Another Example of how the financial services industry trains...
Target breach started from email
According to Brian Krebs the compromise of Target’s POS system probably originated with a phishing attack against one of Target’s vendors. This attack compromised credentials of the HVAC vendor and possibly allowed the hackers entrance into Target’s systems. Interestingly, Brian mentions Ariba, a company I’ve been forced to deal by a large customer of ours. I’m not...
CNN warns about Target copy-cat phishes
Target did indeed do a blast to customers to offer one year of free credit monitoring. The problem is scammers are also on the prowl and are sending out similar emails. Target even says it has identified and stopped at least 12 scams preying on consumers via email, Facebook and other outlets.CNN: Did you get an email from Target? I’m not surprised in the least that phishers are copy-catting...
Target "acquires data"
It was our priority to inform as many guests as quickly as possible. Relevant emails were pulled from a variety of sources. @AskTarget It looks like Target is mailing data that was never given to them in an effort to “inform” customers of the data breach. There are lots of problems with how Target is managing this email campaign. The first is in delivery. They’re hitting...
Target, Epsilon, Spam
If you enter “bfi0” into the Google search box, it’s suggestions are:
bfi0 target
bfi0 com whois
bfi0 spam
target.bfi0.com spam
That says a lot about how people are perceiving the mail Target are sending through Epsilon.