Security experts warned Monday that banking customers should worry about a wave of spearphishing attacks utilizing the recently-breached email database stolen from marketing firm Epsilon.
The email addresses leaked during the breach could be used to send targeted attacks to the customers of Epsilon's clients, which include a host of financial services providers such as Barclays Bank of Delaware, CapitalOne, Citibank and JPMorgan Chase. The banks are "freaking out" about the leak, says Avivah Liten, vice-president of security research for analyst firm Gartner.
"The attackers are going to use the records - that's what the banks are worried about," says Litan. "It might not even be focussed on the victim's bank accounts. They might just be interested in using the spearphishing attack to get on the desktop."
Friday, Epsilon warned its corporate customers that their client email addresses had been stolen by an attacker. While the company counts a number of major banks among its customers, other companies - such as Best Buy, Disney Destination, and Tivo - were also affected by the breach.
Epsilon says it continues to investigate the attack.
"The information that was obtained was limited to email addresses and/or customer names only," the company said in a statement. "A rigorous assessment determined that no other personally identifiable information associated with those names was at risk."
The attacks should convince companies to take a second, if not a third, look at their outsourced providers' security. While credit-card information comes with an industry mandated set of security standards, names and email addresses are not protected in the same way.
for more information on this breach and who is at risk.
Here's a technology that may hold some promise for your road warriors: An in-vehicle voice-to-text system that lets drivers dictate email while keeping their hands on the wheel. BMW is showing a prototype of this system, which makes it possible for drivers to edit, send and receive messages using voice commands, reports Bruce Gain at PCWorld
The main novelty is that you can compose e-mails with the same ease of use that you would have with a PC in an office setting--without taking your eyes off of the road or using your hands. You respond to e-mail by dictating out loud what you want to say while using voice commands for editing functions, such as deleting, moving, or replacing text. For millions of workers who otherwise waste a large percentage of their time driving every day, being able to send and receive e-mails safely while commuting would represent an obvious boost in productivity.
The system, which could be sold as an option in production models within three years, as part of the company's plans to develop voice-activated commands to operate any function that drivers must otherwise activate today by hand. For example, the German luxury carmaker expects eventually to allow drivers to enter search queries on the Internet and to hear search results read out loud by using voice commands as well.
This is just one of BMW's initiatives to bring desktop-like functionality to the automobile by way of voice commands. The company's ConnectedDrive technology lets Blackberry users connect the handset to a dashboard console using Bluetooth, and listen to email and text messages read out loud to them.
Similar in-vehicle communications efforts are underway at other auto manufacturers. Ford offers the Sync infotainment system, which enables some smartphone apps to operate on a console. Future versions expected within five years would let drivers dictate messages and hear email read out loud, Gains writes. GM, for its part, is planning to release an OnStar voice communications feature for Android phone users.
What do you think? How many of you would respond to emails while driving? I know I would.
It’s an unfortunately common scenario. You’ve located a hot new web developer and they’ve worked your website into something you can really be proud of. Finally it’s time to go ‘live’ and you give the go-ahead.
The new developer has a nice inexpensive web host where he’s going to set up your site. He does so and, after a few hours, you
notice no one’s getting any email. Sales reps, on the road, report they can’t connect to your VPN. Clients are calling asking why no one’s replied to their emailed order. What happened??
Your new developer, while good at graphics and web coding, doesn’t understand DNS, the Domain Name Service. DNS is what tells the Internet where to find your email server, your email Web Access, possibly your VPN, etc.
It is very common for a hosting service to offer to move your domain’s Name Servers to their own host, for the person signing up. This seems very convenient but, unbeknownst to the developer, your Name Server has been publishing the location of your email, among other things, as well as your website. He blithely moves your Name Server to the new host, which erases all the non-www records of which he was unaware, and sets up the new web site. The web site works, but everything else doesn’t.
Your company will call River Run and we’ll eventually figure out what happened, when we check for your MX (Mail eXchange) record and find that there isn’t one. At that point, we will start reconstructing your various DNS records, which are probably not listed anywhere. If all goes well, your new MX record will propagate around the Internet within a day or two, after which your email will start arriving again. Yes, a number of emails will already have timed out, returning a message to the sender that your domain does not exist.
The ONLY thing your developer needed to do to bring the new website online is to change (or have changed) the www record on your original Name Server. Your web developer should NEVER change your Name Server location without discussing it with you and with your River Run support engineer. Ideally, the developer will only provide you with the new IP address of the new site and you, or we, will make the change to DNS. Email will never be interrupted and you will have your shiny new website, without it being tarnished by a variety of sudden crises.