Yesterday, Target announced that it had just become aware that its recent hacking went beyond the credit card and debit card data including PINs of 40 million of its customers to also include names, mailing addresses and phone numbers of up to 70 million of its customers. This disclosure means that unlike previously thought, the hacking was not limited to hacking of the point of sale credit card processing devices found at the checkout stations, but was far more extensive into the data systems of Target. It also opens up a new avenue of scams where Target customers can expect to get contacted by phone, email or text messages from scammers posing as Target representatives who will be seeking personal information which they will use to make the Target customer a victim of identity theft. These emails and text messages will be directly addressed to the customer by name prompting the customer to click on links or download attachments for further assistance, however, if the customer does so, he or she will only succeed in downloading a keystroke logging malware program that can steal all of the information from the victim’s computer that will also lead to the customer becoming a victim of identity theft. Phone calls will also be directed to the customer by name and you should be wary there, as well. This type of scam is called spear phishing.
You can never be sure when you receive a telephone call, email or text message if the person communicating with you is who he or she represents himself to be. Therefore, never click on links or download attachments in emails or text messages unless you are absolutely positive that the communication is legitimate and because in this case ,as in others, the identity thief has your name, the communication may appear to be directed personally to you, you cannot trust the communication merely because it appears to be legitimate. In this case, as in others, if you think the communication may not be a scam, check it out by calling or going to the real website of the person or company purporting to send the communication at a phone number or website that you know is correct to find out whether or not the original communication was legitimate or not. The same goes for telephone calls. You can never be sure who is calling, so never give personal information over the phone to anyone whom you have not called. Instead call them back at a number you know is accurate.