Unless you’ve been living in a vacuum for the past week, you’ve most likely heard of the Target data breach. With more than 40 million credit cards compromised, there is a tidal wave of anger directed at Target. Consumers are justifiably frightened by the possibility of having their identity sold. That fear will fuel a completely different wave of scams—emails regarding identity theft.
Fraudulent emails from financial institutions, shipping companies, and merchants have been around for years. These emails rely on the coincidence factor, i.e., the scam email goes to a consumer who just happens to have had a recent transaction with the company mentioned in the email. Thanks to the Target data breach, there are now 40 million people who have a reason to be concerned about a transaction with one specific merchant. How long will it take the scammers to revise a sentence or two in their email to include “Target” as the source of the transaction? Sorry, but it’s already happened.
The Wall Street Journal reported that scammers had already mimicked an email from Target offering a 10% discount on Saturday to those affected by the data breach.
Tips to avoid the scam
- Check for an unusual email address for the sender. Any emails from Target would be from Target.com, not a different address.
- Legitimate emails should include your name, not a generic greeting such as “Dear Guest”
- Check for misspellings, poor grammar, broken graphics images, etc. However, be aware that the scammers who know what they’re doing now perfectly replicate legitimate emails.
- If you receive an email related to the data breach, be cautious and suspicious. Assume it is a scam.