Target Corp. issued another update on the breach of its point-of-sale systems saying that phishers are using the incident to trick consumers into revealing sensitive information.
The basic modus operandi of phishers is to send mass emails in the name of a financial institution or other company to consumers, asking them to divulge account information such as user names and passwords and often directing them to spoofed versions of the company’s Web site.
“We are aware of limited incidents of phishing or scam communications,” Target says in an update released today. To allay consumer fears, it added PDF versions of all official communications that Target sends consumers to its corporate Web site.
Target confirmed last week that the POS systems at its nearly 1,800 U.S. stores had been breached, affecting 40 million credit and debit card accounts.
Target also said it held a conference call Monday with a number of state attorneys general to discuss the breach. “The majority of state offices were in attendance on the call,” Target says. It anticipates holding another call with them the week of Jan. 6.