Data breaches are not a new occurrence and have been steadily getting worse over the years. As expected, 2014 was the worst so far. As we start a new year, you only need to glance at the news to see how serious email data breaches can be in light of the recent Sony hack.
According to the Identity Theft Resource Center, the number of data breaches identified during Black Friday/Cyber Monday 2014 totaled 708, a 26% increase over the same period in 2013. This does not bode well for the same period in 2015 if this data is anything to go by!
In the US, a high profile email data breach involved the home improvement retailer, Home Depot. At the end of 2014, it was the target of a massive data breach that resulted in 53 million email addresses and 56 million credit card details being stolen. Once the breach was identified, Home Depot contacted all the affected customers, warning them of the email breach and giving them additional details on how to avoid phishing scams. Unfortunately, many still fall victim to common phishing emails that cause untold damage. Understanding these scams is important not just for the customers, but for companies who want to protect their brand.
According to a Trend Micro study (PDF), 91% of all data breaches occur as a result of a “spear phishing” email, which is more personally targeted to the email user. A spear phishing email will contain the recipient’s personal information in a way that is harder for email users to identify as fake. This means that they are more likely to engage with the content. Some examples include invoice approvals or a password-reset email.
Once the spammer has the user’s data, they then use it to conduct spear phishing campaigns that target the businesses’ customers. In 2013, Target Corp. suffered a data breach through a phishing attack against one of their vendors.
While it is difficult to defend against all email data breaches, it is good practice for all companies to check Domain-based Message Authentication, Reporting & Conformance (DMARC) on all inbound email. DMARC gives receiving ISPs the ability to separate a brand’s genuine email from spoofed email that failed authentication. This provides an extra level of protection for customers and gives DMARC users feedback on the health of their email authentication program.
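As an added example that is not part of the original post, the following Python models the check a receiving mail server performs under DMARC: it parses a constructed policy record for a hypothetical domain (example.com) and decides a message’s disposition from the SPF and DKIM results and their alignment with the From: domain. The record, domain names and sample messages are constructed for illustration only.

```python
"""Minimal DMARC policy evaluation, modelled on RFC 7489 (not a full implementation)."""

# Constructed DMARC TXT record for a hypothetical domain, as published at _dmarc.example.com
SAMPLE_RECORD = "v=DMARC1; p=reject; adkim=s; aspf=r; rua=mailto:dmarc-reports@example.com"


def parse_dmarc(record: str) -> dict:
    """Split a DMARC record into tag/value pairs and fill in the RFC 7489 defaults."""
    tags = {}
    for part in record.split(";"):
        key, _, value = part.strip().partition("=")
        if key:
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1" or "p" not in tags:
        raise ValueError("not a usable DMARC record")
    tags.setdefault("adkim", "r")  # DKIM alignment mode: r(elaxed) or s(trict)
    tags.setdefault("aspf", "r")   # SPF alignment mode
    return tags


def org_domain(domain: str) -> str:
    """Approximate the organizational domain as the last two labels.
    A real receiver consults the Public Suffix List; this suffices for the samples here."""
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(identifier_domain: str, from_domain: str, mode: str) -> bool:
    """Strict alignment needs an exact match; relaxed accepts the same organizational domain."""
    a, b = identifier_domain.lower(), from_domain.lower()
    return a == b if mode == "s" else org_domain(a) == org_domain(b)


def dmarc_disposition(policy: dict, from_domain: str, spf_pass: bool, spf_domain: str,
                      dkim_pass: bool, dkim_domain: str) -> str:
    """Return 'pass' if either authenticated identifier aligns with the From: domain,
    otherwise the domain owner's requested action ('none', 'quarantine' or 'reject')."""
    spf_ok = spf_pass and aligned(spf_domain, from_domain, policy["aspf"])
    dkim_ok = dkim_pass and aligned(dkim_domain, from_domain, policy["adkim"])
    return "pass" if spf_ok or dkim_ok else policy["p"]


if __name__ == "__main__":
    policy = parse_dmarc(SAMPLE_RECORD)
    # Genuine mail: SPF passes for a subdomain of the brand; relaxed SPF alignment accepts it.
    print(dmarc_disposition(policy, "example.com", True, "mail.example.com", False, ""))  # pass
    # Spoofed mail: From: claims the brand, but SPF only passes for an unrelated sending domain.
    print(dmarc_disposition(policy, "example.com", True, "unrelated-sender.test", False, ""))  # reject
    # DKIM signed by a subdomain, but adkim=s requires an exact match, so alignment fails.
    print(dmarc_disposition(policy, "example.com", False, "", True, "mail.example.com"))  # reject
```

The rua tag in the record is where aggregate reports are sent; those reports are the "feedback on the health of their email authentication program" the paragraph above refers to.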
In the end, DMARC may not have prevented the major data breaches that occurred in 2014, but all businesses should be doing whatever they can to stop fraud and protect their customers’ details from ending up in the wrong hands.