Email clones hit Target customers

Imposters use 'clone' websites to steal consumer data

ORLANDO, Fla. - Target's decision to provide free credit monitoring for its customers is providing an unintentional opportunity for a new wave of credit card hackers.

The real service is being offered through ProtectMyID a subsidiary of Experion.

[WEB EXTRA: Target email pictures]

It is part of Target's aggressive response to the now infamous holiday data breach that impacted an estimated 40 to 70 million shoppers between Thanksgiving and the middle of December.

Security experts say "mimic or clone" websites have been popping up in email links that appear to be either from Target or some sort of data security service.

Chris Gilpin, a local consultant with National Crime Stop ,tells Local 6 that consumers are falling for the scams because their "guards are down" and the clone sites are convincing.

"These guys are good," Gilpin said. "You are sending it to a hacker who is typically going to be out of the country in most cases."

Target is already acknowledging the imposters. The company is providing examples of the store's official emails so consumers have a visual reference on

The website also provides specific information on how to sign up for the credit monitoring service with ProtectMyID.

According to Gilpin, some imposters have used "LifeLock" in their messages to get consumers to click the links he calls high tech traps.

Target's website link directs you to type in your name and email nothing else.

Gilpin says many  of the bogus sites ask for birthdays, social security numbers, even the credit card number and expiration date.

Remember if the sites ask for anything other than your name and email it is a fake.

Target says the code to allow you to tap into the security monitoring service will be sent within 72 hours after you send the request.

Target shopper David Weiser received a legitimate email and was still reluctant to believe the message.

"Who's sending me an active link telling me about the breach of security, when sending an active link in an email is breaching your own security?" Weiser said.

To avoid any confusion or risk, consumers can go to to request an activation code for the one year service.

Target says consumers need to file requests for an activation code before April 23, 2014 and then register for the offer through ProtectMyID before April 30, 2014.

Copyright 2014 by All rights reserved. This material may not be published, broadcast, rewritten or redistributed.