Security Corner

Feb 9 2015   6:12PM GMT

Beware Anthem phishing attempts

Ken Harthun Ken Harthun Profile: Ken Harthun

Tags:
Cybercrime
cyberscams
Data breach
Phishing
Security

In the wake of the Anthem breach, which affected approximately 80 million customers, cyber-criminals are launching phishing attacks by faking notifications from the company. They look pretty convincing (see photo) and unfortunately, a lot of gullible people are liable to fall for the ruse.

anthemphish

Anthem Phishing Email (Photo/Anthem)

Cyber-criminals often use alarming news stories to develop phishing campaigns and profit from unwary users who fall for the scheme. In this case, the cro0ks provide a link to a free year of credit monitoring for those who click the link. All that will happen, however, is the victim’s credit card information will be stolen.

Anthem has put up a FAQ page to deal with the breach. On that page, Anthem says, “Anthem will individually notify current and former members whose information has been accessed. We will provide credit monitoring and identity protection services free of charge so that those who have been affected can have peace of mind.” Note that they put no time limit on said monitoring and protection.

The company has also established a toll-free number, 1-877-263-7995, which currently delivers a recording warning of the phishing attempts and also outbound call scams directed at current and former members. The recording warns, “These emails and calls are not from anthem and no notifications have been sent from anthem since the initial notification on Feb. 4, 2015.” The recording further states that all notifications will be sent out in the coming weeks via snail mail.

My standard advice in these situations is always:

  • NEVER click on any links in emails.
  • NEVER reply to such emails or communicate in any way with the senders.
  • NEVER provide any information in any website that has popped open, whether or not you have clicked on a link in an email
  • NEVER open email attachments
  • NEVER give any caller who contacts you any personal information. Hang up and call the company directly.

The Federal Trade Commission has an excellent Consumer Information page on how to spot phishing scams.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: