Are you one of the roughly 70 million people who got an email from Target last week about the store's mega security breach? If so, be careful.
Target did indeed do a blast to customers to offer one year of free credit monitoring. The problem is scammers are also on the prowl and are sending out similar emails.
Target even says it has identified and stopped at least 12 scams preying on consumers via email, Facebook and other outlets.
The Target emails went to customers whose personal information was in the Target (TGT) database. Cyber thieves penetrated the records during the holiday shopping season breach discovered last month and stole info like names, phone numbers and email addresses. The full extent of the hacking is still under investigation.
In the meantime, here's what to do if you see an email from Target pop up in your inbox.
If you've already opened the email: Target has posted a copy of the email it sent out online. So go here to make sure the email you opened, the address it came from, and the link you clicked all matches up.
If it doesn't match, and especially if you clicked a link to an external website and entered personal information, you need to take action quickly, says Credit.com Chairman Adam Levin, who specializes in privacy and identity theft.
First, get a copy of your credit report, check your bank and credit card activity on a daily basis and call the credit reporting agencies to tell them what happened. You can ask to have a fraud alert placed on your account, meaning it will be flagged to lenders if someone attempts to open credit in your name.
If you're really worried, you can request a credit freeze, which prohibits any credit from being extended under your name. But that's a big step because you will have to go through the process of undoing this whenever you need credit again.
If you entered a credit card or debit card number, reach out to those institutions to warn them of potential fraud as well.
Related: Millions getting new debit, credit cards after Target breach
If you haven't opened the email: To avoid any chance of a virus or of falling prey to a potential scam, Levin recommends going directly to Target's website to view the letter you believe has landed in your inbox -- since even opening a fraudulent email could lead malware to be installed on your computer. And if you do open the email, don't click on any links.
You can also visit creditmonitoring.target.com directly to enroll in the free credit monitoring Target is offering. Once there, you will have to enter your email address and will be sent another email within 72 hours with a unique activation code to use in order to sign up for the service. The subject will mention the activation code.
All other correspondence from Target can be found here. The retailer emphasizes that it will never email a consumer and ask for personal information like a Social Security number or credit card information.
But it's not just emails claiming to be from Target that customers need to worry about.
If your personal information was compromised in the breach, that means scammers could contact you pretending to be anyone -- like another retailer or even the IRS.
"These people are now in harm's way -- you have to look really carefully at any email you click on from now on," said Levin. "If there was ever a moment for people to think, 'It could happen to me' ... this is that moment."