ÿþ<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<meta name="description" content="April 2011 monthly newsletter regarding identity theft, scams, facts, news, and suggestions on how to protect yourself and your family from becoming victims of this fast growing crime." />

<meta name="keywords" content="id theft, identity theft, id theft prevention, id theft recovery solutions" />

<title>April 2011 Identity Theft Newsletter - Merchants Information Solutions, Inc.</title>

<link rel="stylesheet" href="http://www.idtheftedu.com/newsletters/includes/newsletter-2.css" type="text/css" />

<style type="text/css" media="all">

.content-middle

{

	height: 1350px;

	#height: auto;

}



th { color: #ffffff; text-align: center;}

</style>

</head>



<body>

<center>

<div class="wrapper">

	<div class="banner">

		<table width="800" border="0">

			<tr>

				<td width="50%" valign="top" align="left"><div class="banner-left"></div></td>

				<td width="50%" valign="top" align="right"><div class="banner-right">April 2011/Issue #39</div></td>

			</tr>

		</table>

	</div>

	<div class="content-top"></div>

	<div class="content-middle">

	<table width="800" border="0" cellpadding="5" cellspacing="5">

		<tr>

			<td valign="top">

				<div class="main-content">

					<a id="featured"></a>

					<div class="header-main">Feature Article</div>

					<div class="pic"><img alt="Mark Pribish" src="http://www.idtheftedu.com/newsletters/Images/Pribish.jpg" /></div>

					<div class="title">Did You Receive an Epsilon Data Breach Notification Letter?</div>

					By <a href="mailto:mpribish@merchantsinfo.com">Mark Pribish</a><br />

					Vice President and ID Theft Practice Leader

					

                    <p>On April 15, the Obama administration released the final version of the National Strategy for Trusted Identities in Cybersapce or NSTIC (<a href="http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf" target="_blank">read the article here</a>).</p>



                    <p>The primary purpose and strategy of this NSTIC document is to make public and private sector online transactions for individuals, businesses, organizations, computer networks, computer services and network related devices (like cell phones, iPhones, laptops, etc.) safer, faster and more private.</p>

                    

                    <p>Based on the Epsilon data breach event which exposed the e-mail addresses (and in some cases names) of an estimated 100 million customers of some of the nation's largest companies (<a href="http://www.nytimes.com/2011/04/05/business/05hack.html" target="_blank">read the article here</a>), this new national strategy for cyber security cannot happen fast enough.</p>

                    

                    <p>To show the significance of the Epsilon data breach, I have listed below a small sample of companies whose customer information was stolen:</p>

                    

                    <ul style="margin-left: 15px;">

                        <li>Ameriprise Financial</li>

                        <li>Best Buy</li>

                        <li>Capital One</li>

                        <li>Chase</li>

                        <li>Citi</li>

                        <li>Dell</li>

                        <li>Disney Destinations</li>

                        <li>Eddie Bauer</li>

                        <li>Hilton Honors Program</li>

                        <li>Marriott Rewards</li>

                        <li>Fred Meyer</li>

                        <li>Kroger</li>

                        <li>TD Ameritrade</li>

                        <li>MoneyGram</li>

                        <li>Red Roof Inn</li>

                        <li>Scottrade</li>

                        <li>Target</li>

                        <li>TIAA-CREf</li>

                        <li>Ritz-Carlton Rewards</li>

                        <li>US Bank</li>

                        <li>Verizon</li>

                        <li>Walgreens</li>

                    </ul>

                    

                    <p>To put this in perspective, cyber criminals with access to customer names and emails will send targeted (spear) phishing attacks to customers who receive regular email communications from the above mentioned business where they have an established relationship.</p>

                    

                    <p>Phishing attacks happen when cyber criminals send forged emails by pretending to be your bank, mortgage company, telecom company or any other organization that you do business with to trick you into giving your personal information including logins and passwords.</p>

                     

                    <p>While phishing is nothing new, the Epsilon data breach event allows for a high volume and more precise phishing attack   commonly known as spear phishing (<a href="http://www.fbi.gov/news/stories/2009/april/spearphishing_040109)" target="_blank">see details here</a>).</p>

                    

                    <p>For example, when a bank, financial services, hotel, or retail customer receives an email with their correct name the chance of a higher &quot;hit rate&quot; than a typical &quot;blind&quot; spamming campaign will create more success for cyber criminals.</p>

                    

                    Just as you may have received one or more email notifications from organizations that you do business with, I received email notifications from Marriott Rewards, Chase Bank, Best Buy, and Hilton.  <strong>So please note and pay special attention to all emails from businesses and organizations that you do business with including email communications.</strong>

                    

                    In summary, the Epsilon data breach continues to show how NO ONE COMPANY can EVER prevent a data breach event from happening.



					<p>To learn more about these threats and how to protect yourself and your family from Identity Theft, you can read my past newsletters at the Merchants Identity Theft Educational Website at <a href="http://www.idtheftedu.com" target="_blank">www.idtheftedu.com</a>.</p>



					<p>Sincerely,<br />

					Mark</p>

				</div>				

			</td>

			<td valign="top">

				<div class="toc">

					<div class="header-toc">In this issue:</div>

					<ul>

						<li><a href="#news">Latest ID Theft News</a></li>

						<li><a href="#featured">Feature Article</a></li>

						<li><a href="#facts">Facts and Stats</a></li>

						<li><a href="#resources">More Resources</a></li>

					</ul>

		

					<hr />

		

					<a id="news"></a>

					<div class="header-toc">Latest ID Theft News</div>

					<ul>

						<li><a href="http://www.foxnews.com/us/2011/04/21/feds-16-face-charges-pennsylvania-identity-theft-ring/" target="_blank">Feds: 16 Face Charges in Pennsylvania Identity Theft Ring</a><br /><br /></li>

						<li><a href="http://abcnews.go.com/Politics/online-identity-theft-digital-shoplifting-attract-security-guidelines/story?id=13421580" target="_blank">Online Identity Theft Prompts Security Guidelines From White House</a><br /><br /></li>

						<li><a href="http://www.therepublic.com/view/story/d13295919ab04141bd3882a009095ec3/CO-XGR--Colorado-Identity-Theft/" target="_blank">Colo. bill to redefine identity theft shelved because of lack of support</a><br /><br /></li>

						<li><a href="http://www.tulsaworld.com/news/article.aspx?subjectid=298&articleid=20110421_298_0_spanTu661435" target="_blank">Police investigating mail theft operation</a><br /><br /></li>

					</ul>

					<p>Visit our <a href="http://www.idtheftedu.com" target="_blank">Educational Website</a> for more news and resources.</p>

		

					<hr />

		

					<a id="facts"></a>

					<div class="header-toc">Facts and Stats</div>

					<p>Over <strong>500 million</strong> data records of U.S. residents have been exposed due to data security breaches since February 2005.</p>

		

					<hr />

		

					<a id="resources"></a>

					<div class="header-toc">More Resources</div>

					<ul>

						<li><a href="http://www.idtheftedu.com/id_theft_quiz.aspx" target="_blank">Are you at risk? Take our ID theft quiz</a></li>

						<li><a href="http://www.idtheftedu.com/id_theft_articles.aspx" target="_blank">Visit our complete Newsletter Archive</a></li>

						<li><a href="mailto:marketing@merchantsinfo.com" target="_blank">Questions, comments? Contact us.</a></li>

					</ul>

		

					<hr />

		

					<div class="header-toc">We've got you covered.</div>

					<p>If you still need to activate your Identity Program or would like to protect a family member, please visit our website. Or to speak to a professional Recovery Advocate please call:</p>

					<div class="phone1">1.866.Smart68</div>

					<div class="phone2">(1.866.762.7868)</div>

		

					<hr />

				</div>

			</td>

		</tr>

	</table>

	</div>

	<div class="content-bottom"></div>

	<div class="footer">&copy; 2011 - <a href="http://www.merchantsinfo.com">Merchants Information Solutions, Inc.</a></div>

	<div align="center" style=" margin-top: 10px;"><span style="font-size: 10px;">Follow us on:</span><br /><img src="http://www.idtheftedu.com/newsletters/images/social-graphics-2.png" usemap="#socialmap" border="0" /></div>

	<map name="socialmap">

		<area shape="rect" coords="1,1,24,24" href="http://www.facebook.com/pages/Merchants-Information-Solutions-Inc/156316957711872" alt="Facebook" target="_blank" />

		<area shape="rect" coords="27,1,48,27" href="http://www.linkedin.com/companies/merchants-information-solutions" alt="LinkedIn" target="_blank" />

		<area shape="rect" coords="50,1,74,24" href="http://twitter.com/MerchantsInfo" alt="Twitter" target="_blank" />

		<area shape="rect" coords="76,1,99,23" href="http://www.youtube.com/merchantsinfo" alt="YouTube" target="_blank" />

	</map>

</div>

</center>

<script src="http://www.google-analytics.com/urchin.js" type="text/javascript">

</script>

<script type="text/javascript">

_uacct = "UA-3377023-1";

urchinTracker();

</script>

</body>

</html>