Target just launched an email alert campaign about its data breach investigationm, but a lot of people are suspicious and think it's a scam.
The concern is understandable. The massive data breach at Target has people are on high alert for phishing emails and copy-cat scams. Target and other security experts remind us to avoid clicking links on unsolicited emails. Then, Target sends an email with links. What's more, many people say they haven't shopped at Target in months, and never gave Target their email address.
A check on Target's corporate website confirms the email is legit. The company even provides a copy of the official email to help you verify it's authenticity. The email refers to both the data breach revealed during the holidays, (timed between November 17th and December 15th) and the discovery last week that millions more accounts are involved.
Estimates to date are that information was taken from as many as 70 million customer accounts.
The explanation and personal apology is signed by Target President and CEO Gregg Steinhafel. Steinhafel encourages recipients to go to the Target website and get the required code needed to activate a free year of credit monitoring through Experian's monitoring product called ProtectMyID.
Some consumer advocates believe much of the stolen information could be from stored data- based on Target transactions you made decades ago. If you never gave target your email address, my guess is the company got it by working with your bank or credit card company as part of the investigation.
But even though the email is legit- your safest bet is to stick with the practice of avoiding links on any unsolicited emails that deal with your security or personal information. Log directly to Target's corporate website and follow the credit monitoring instructions - which by the way do involve personal information on the secured ProtectMyID site.