Story updated with a comment from internet security consultant.



) --

Capital One

(COF) - Get Capital One Financial Corporation Report


JPMorgan & Chase

(JPM) - Get JPMorgan Chase & Co. (JPM) Report

are warning customers to be careful opening emails allegedly coming from their respective institutions after a third-party marketing firm's system was hacked Friday.

Capital One, JPMorgan Chase,

Barclays Bank

(BCS) - Get Barclays PLC Sponsored ADR Report


U.S. Bancorp

(USB) - Get U.S. Bancorp Report



(C) - Get Citigroup Inc. Report

, all use a system designed by

TheStreet Recommends


to manage emails to their customers.

Epsilon announced Friday that its system had been breached and customers' email addresses and names were exposed. No other personal or financial information, according to press releases from the banks. Customer information was also breached at several retail outets.

Retailers Victims of E-Mail Hackers >>

The banks and Epsilon are currently investigating the incident, according to statements, and customers are being warned that their email is subject to spam and phishing attacks.

"Customers are reminded to ignore emails asking for confidential account or log-in information and remember that familiar looking links in an email can redirect to a fraudulent site," according to Capital One statement issued Monday. "If you get an e-mail that claims to be from us but you aren't sure, or you think it's suspicious, don't click any of the links."

The banks pointed out, however, that the only information at risk was customer email addresses and no account information was compromised.

"We are advised by Epsilon that the files that were accessed did not include any customer financial information, but are actively investigating to confirm this. As always, we are advising our customers of everything we know as we know it," a JPMorgan Chase statement said.

Cenzic, a security consultancy, said that access to bank customer email gives fraudsters a platform for a more lucrative attack.

"The next logical step for these hackers is using that stolen data for phishing schemes, in an attempt to get at the bank accounts of every individual. With the amount of people affected by today's breach, that's a long, lucrative list for hackers," said Mandeep Khera, Cenzic chief marketing officer.

--Written by Maria Woehr in New York.

To contact the writer of this article, click here:

Maria Woehr


To follow the writer on Twitter, go to


To submit a news tip, send an email to: