Security Breach of Anthem Being Exploited with Phishing Attacks
Theverge.com reported on 7th February, 2015 quoting a warning in an official statement by the firm as "During first week of February, fraudsters and hackers have seized massive attack of Anthem which is the second largest health insurance company of US as an opportunity to execute phishing scams.
Anthem has announced on 4th February, 2015 hiring of credit monitoring agencies to deal with the data leak and the genuine-looking scam emails are being spammed out purporting to be from it. Anthem is warning all its customers not to click on any links, share any data with senders or download any data as it will contact customers by snail mail only.
Anthem confirmed that there is no signal which says that this first group of attackers is using stolen data or email addresses from its servers. Rather, adventurous crooks are only attempting to cash on these events.
Unfortunately, when a major incident happens, scammers are quick to take advantage of it by starting spam campaigns based on the incident to deliver malware pieces to innocent users or to direct them to phishing pages.
The insurance company (Anthem) is confirming that no data belonging to any credit card was stolen and no medical records were accessed. That is very good as the records include names, birthdays, addresses, email addresses, medical IDs/social security numbers and employment information including income data which means these are everything you require to steal someone's identity.
Matters turned horrific when some received cold calls from fraudsters who claim to be from Anthem. Experts highlight that both are clearly illegal and trying to obtain sensitive information for illegitimate purposes.
Softpedia.com published on 7th February, 2015 quoting a warning of the company on such phishing attacks as "Anthem will contact present and past members through email delivered by the U.S. Postal Service (USPS) about the cyber attack with specific information on how to enroll in credit monitoring."
In the meantime, department of Insurance in California, has announced an enquiry into the incident and will coordinate its actions with other state insurance authorities to find out what went wrong which caused the security breach of Anthem.