Send clear messages
Consider communications to potential victims with great care. Target made yet another egregious error by notifying customers of the breach via poorly considered, suspicious-looking email communications. The email included a suspicious sender with the address: TargetNews@target.bfi0.com instead of @target.com. Plus, it directed users to click on a link for additional details on the monitoring. The bizarre “bfi0” in the subdomain suggested nothing official to differentiate it from phishing and malware-laden emails sent by scammers following such corporate data breaches; scammers often make subtle tweaks. Because the notice was delivered via email and since it originated from a suspicious email address, the original message ended up in junk mail boxes.