Internet-based criminals are using last week’s hack of Anthem BlueCross BlueShield to perpetrate a new scam on the company’s customers, security expert Brian Krebs is reporting. In an effort to steal even more information from victims, hackers are posing as the health insurance provider to send out phishing emails with embedded, clickable links to get “your free year of credit card protection.” Criminals are also targeting victims with cold phone calls.
If you get an email claiming to be from Anthem about the recent data breach, don’t be fooled. “These emails and calls are not from Anthem and no notifications have been sent from Anthem since the initial notification on February 4, 2015,” the company explains on its toll-free hotline.
On that date, Anthem admitted that its servers had been compromised, allowing hackers to make off with information pertaining to up to 80 million of the company’s past and present subscribers. The criminals were able to access names, birthdays, medical IDs/social security numbers, street addresses, email addresses, income data and employment information. It is not believed that credit card or medical information were compromised in the attack.
Krebs suggests the emails and calls purporting to be from Anthem are likely random and opportunistic – the result of greedy troublemakers trying to cast a wide net. Regardless, the company is encouraging those on the receiving end of these communications to not click on any links, not to contact the senders in any way and not to open any attachments that may accompany such an email.
Anthem says its next communication with affected customers will be arriving via U.S. mail in the coming weeks. If you have any questions about a letter or call you’ve received, the smartest thing to do is call the company’s breach hotline at 877-263-7995 for more information. You can also visit the breach FAQ by visiting the website www.anthemfacts.com.
[Image credit: Fradulent Anthem Email]