Hackers Go 'Phishing' In The Wake Of Target Data Breach

  • Playlist
  • Download
  • Embed
    <iframe src="" width="100%" height="290" frameborder="0" scrolling="no" title="NPR embedded audio player">
  • Transcript

The retailing giant Target is doing what it can to limit the damage from a massive data breach. But there are signs that other hackers are trying to take advantage of the original data theft with elaborate "phishing" schemes.


It's ALL THINGS CONSIDERED from NPR News. I'm Robert Siegel.


And I'm Melissa Block.

There are some fresh developments on the recent Target and Neiman Marcus security breaches. The theft of Target customer data was among the largest ever to hit the retail industry. And now, privacy experts are warning about so-called phishing scams that appear to offer help to those whose information was stolen. NPR's Yuki Noguchi reports.

YUKI NOGUCHI, BYLINE: Last week, Target CEO Gregg Steinhafel sent an email to more than 70 million people who had either their credit card or personal information stolen from Target's databases over the holiday season. In it, he warned customers to guard against possible scams by not responding to any text messages or to any emails requesting personal information. But around the same time, there were look-alike emails going out to some consumers posing as a warning from Target. Some of those emails asked consumers to protect themselves by clicking on a link.

WILLIAM PELGRIN: They look legitimate. They're very realistic. Everyone I could see falling prey to a particular phishing attack if it was well drafted.

NOGUCHI: William Pelgrin is the president and CEO for the Center for Internet Security, a nonprofit that advocates for greater public/private cyber security.

PELGRIN: When you get something like that, again, you're going to react very quickly. And all we suggest is take a breath, think it through. Always contact that organization directly.

NOGUCHI: Target spokeswoman Molly Snyder declined to comment for the record. But she confirmed the retailer has identified and, working with social media companies, taken down a dozen related online phishing scams. Meanwhile, over the weekend, two Mexican citizens were arrested in Texas near the U.S.-Mexico border. They were caught with cloned credit card information which local authorities are saying is related to the Target breach. But federal law enforcement officials say the connection is still unclear. The Secret Service declined comment, citing the ongoing investigation.

Steven Boyer is co-founder of BitSight, a cyber security firm that tracks the kind of malware used to infiltrate Target systems. He says he expects scams resulting from the recent breaches to be especially well-crafted.

STEVEN BOYER: What is particularly interesting about this attack is that because these adversaries were able to gain home address, email, name, they could do something very targeted.

NOGUCHI: A security company called IntelCrawler says it believes it has traced the origin of the malware to a couple of young Russians who put it up for sale in online market places. Dan Clements is IntelCrawler's president.

DAN CLEMENTS: When you have hundreds of IP addresses all pointing to a particular computer or person, it raises the probability of who they are and where they are.

NOGUCHI: One of the young men named by IntelCrawler disputes the charges that he was involved. Clements says his company has passed the information along to law enforcement. Now, based on the latest phishing attacks he's seeing, Clements says attackers are setting their sights on a new and very specific target: Executives at banks. Yuki Noguchi, NPR News, Washington.

Copyright © 2014 NPR. All rights reserved. Visit our website terms of use and permissions pages at for further information.

NPR transcripts are created on a rush deadline by a contractor for NPR, and accuracy and availability may vary. This text may not be in its final form and may be updated or revised in the future. Please be aware that the authoritative record of NPR’s programming is the audio.



Please keep your community civil. All comments must follow the Community rules and terms of use, and will be moderated prior to posting. NPR reserves the right to use the comments we receive, in whole or in part, and to use the commenter's name and location, in any medium. See also the Terms of Use, Privacy Policy and Community FAQ.

NPR thanks our sponsors

Become an NPR sponsor

Support comes from