email led to Target breachThe Target breach that exposed 110 customers who shopped at the retail giant from November 27 to December 15 was most likely caused by a malware-laced email, as reported by KrebsOnSecurity. An employee of a Pennsylvania-based refrigeration, ventilation and air-conditioning company that worked with Target clicked on a malicious email and fell for a spear phishing attack, according to the the website — run by cyber-security blogger Brian Krebs — that cited sources close to the investigation. A spear phishing attack occurs when the victim receives an email laced with malware designed to take over the victim’s computer. These malicious emails are usually disguised as an message from a trusted company.

Once hackers gained access to the employees computer, they were able to somehow get into Target’s system and retrieve payment card data. The details of how the hackers got into Target’s system are unclear, however it’s clear that the spear phishing attack occurred two months before the theft of the payment cards.

What can consumers learn from the Target breach?

The magnitude of the Target breach has been a huge wake-up call for both companies and consumers, and as companies are beginning to tighten up on their cyber security, there are some things that consumers can also take away from the breach.

1. Paying with a credit or debit card is not always safe: Debit and credit cards have become the go-to payment option for most consumers because they’re simple to use, accepted nearly everywhere and don’t require consumers to carry around large amounts of cash or coins to make change. However, the Target breach and other breaches — such as Neiman Marcus, Michael’s Arts & Crafts, Marriott and others — have shown consumers that paying with a debit or credit card may not be the safest form of payment.

As alternatives, consumers can revert back to using cash for every purchase, or, simply, not enter their PIN into the store’s keypad. Opting to only use the “credit” option when consumers use debit cards will not completely protect them from falling victim to a data breach, however it can mitigate the amount of financial information exposed if hackers gain access to it. For example, if a consumer’s PIN is revealed in a breach, it allows the hackers to not only use the debit card that was exposed, but also gain access to all of the victim’s bank information using an ATM.

2. It’s best not to give personal information to companies: A lot of companies offer some sort of loyalty program that allows its customers to get some sort of benefit from shopping at the store. Even though these programs may save consumers money or add convenience to the shopping experience, they should think twice before providing the store with any sort of personal information because by providing that additional information, they may be putting their identity in jeopardy in the event of a data breach. Consumers should really think about the benefits of the loyalty program and question the store about how it manages personal information before they decide to sign up.

3. Anyone can fall victim to a cybercrime: One employee of a third-party company falling victim to a malware attack that led to Target falling victim to a data breach exposing 110 million customers proves that no one is safe from a cyberattack, regardless of the type of attack. Luckily, for consumers, there is something that they can do to make sure they don’t fall victim to a malware attack — protect themselves with Internet security software. This software is designed to block, detect and warn consumers of a potential threat before it infects and takes over a computer, tablet or smartphone in attempts to gather the owner’s personal information. Consumers can get Internet security software to protect their identity on Mac or PC computers, smartphones and tablets. Read the Internet security software reviews to learn more about these services.