By now, you have heard that eBay managed to lose all its 145 million credentials.
Cybercrime works a lot like a business, and they have massive phishing campaigns all set to go for the next major data breach. Just add a logo, change one line of code and they are off to the races.
And so it goes with the recent eBay debacle. Trend Micro predicted that in 2014 we would see one or more major security breaches a month, and up to now they are not far off the mark. There are several pitfalls with a large breach like this: first the data itself will get sold, causing even more identity thefts. Next, the breach will be used by other cyber mafias to social engineer people into going to a fake eBay site, and fill out confidential information.
eBay has made the inexcusable mistake of sending its users an email WITH A LINK THEY NEED TO CLICK. How much stupider can eBay be? We warn people all the time Phishing 101 is to NEVER click on a link in an email, rather go to the site directly in your browser. The bad guys are going to have a field day with this. Epic eBay FAIL.
There will be phishing attacks claiming to be from eBay, with an urgent request to change your password right away, because “your financial data is at risk”. While they have you on their fake site, they will probably also ask for your security question and possibly either your credit card or bank account information. So, THINK BEFORE YOU CLICK!