FORT LAUDERDALE ? The recent attack on marketing email provider Epsilon has resulted in millions of users’ contact information being stolen, which has led security expert BullGuard to call for increased awareness of the dangers of unsolicited email and phishing attacks.

The incident is being dubbed as ?one of the largest security breaches in US history?, and could result in swathes of spam being sent to unwitting consumers in an attempt to steal personal data such as credit card and bank account details.

Epsilon provides marketing services to around 2,500 companies sending over 40 billion emails annually. Contact information from 50 of these was believed to have been stolen in the attack. Its clients include J.P. Morgan and Citigroup, along with commonly used services such as Play.com and TripAdvisor.

While the hope is that the majority of attempts to make use of this information for financial gain by malicious third parties will fail, it comes as a stark warning to those who would freely offer up contact information.

?The scale of the attack is concerning and could lead to a revised set of security measures for dealing with customer data,? says Philip Dall, mobile security expert at BullGuard. ?But the most immediate concern is to ensure that users are aware of the types of threats posed by unsolicited emails, how to recognize them, and how to guard against them.?

?Customers should rightly expect to feel safe when giving an email address or contact details to established and trusted companies, but this recent attack goes to show that trading of such data should still be done with caution,? he said.

The reasons for such an attack are not new, and it is likely that the stolen information will be traded on a profitable ?black market? of consumer data that is frequented by those looking to exploit the lack of awareness many have over the dangers of spam emails and phishing attacks.

?While security software is commonplace on modern computers, and will likely include a spamfilter as standard, awareness is essential and we believe that educating consumers about safe practices is just as important as ensuring that our own software is capable of combating modern threats,? said Dall.

In response to the recent attack, BullGuard outlines a number of safeguards consumers should be aware of, as well as ways to detect whether an email is spam or from a legitimate source:

1. Set up an email address specifically for handing out to companies that request these contact details that is separate from the one used to manage bank transactions, purchases and financial information. In doing so users will become instantly suspicious of any requests for information sent to the ?wrong? account.

2. Be very wary of any requests for personal information via email, especially if that email asks that you log on to an external website (usually via an included link). Hackers take great care to appear legitimate and may copy the typical formatting, including logos and contact data from the actual company in order to make you believe they are genuine.

3. Be particularly careful when opening attachments from emails unless you?re sure you know who the sender is, and ideally what the file itself contains. This is one of the most common ways in which hackers can install hidden software onto a computer designed for data retrieval and other malicious purposes without your knowledge.

4. Pay attention to the URL of any sites that may be requesting personal information, since ?mirror? sites are often set up to appear to be part of an official company, often with very similar addresses. This is known as ?spear phishing?, which takes place when those sending spam emails are aware of the ties between a consumer and a particular company or service and will look to take advantage of these in order to appear genuine. Any web page that requests personal information should also be secure, as denoted by a padlock icon in the status bar of a web browser and the presence of an ?S? in ?https://?, which indicates that the page, and therefore your data, is encrypted.

5. Use spam protection to ensure that potentially dangerous emails are filtered from your inbox. Most modern security suites should include a good spam filter that can work unobtrusively in the background.

6. If in doubt, call the customer service number of the company in question from the official site or any documents you may have from them, and ask them to confirm the request. This is one area of security where it?s most definitely better to be safe than sorry.

a>>