I was one of those people who shopped at Target during the holiday season. There was no suspicious activity on my account, but my credit union was extremely proactive about identifying those who were vulnerable and replacing their cards. After reading a NY Times article on just how lax Target's IT security is, I now use only cash while shopping there.
A few days ago, I received an email from Target, offering me free credit monitoring. At least, the email *looks* like it is from Target. There are no links in the email to take me to god-knows-where, but I don't know *how* Target would get my email address or would know that I had shopped there during the time in question. The only legitimate answer is, my credit union shared my email address with them. Illegitimate possibilities abound, though.
It is not unusual for the ads in FB and Yahoo and other sites to reflect my online browsing and shopping, so I don't think I am being paranoid. Or am I?