The danger that stems from a major data breach not only comes from the breach itself, but the phishing attempts and scams that happen post-incident. Attackers live by the mantra: never let a bad situation go to waste. There is currently a string of phishing emails being delivered to the general public claiming to be from Anthem, alerting the public about the breach, and attempting to get consumers to enter personally identifying information (PII), such as social security numbers or credit card information.
The website that victims are visiting through the link within the email is not currently known to contain any malicious software or exploits. If you receive an email from Anthem, make sure that the website actually belongs to them. An easy way to tell is to hover over the link within the email. If the url that the link delivers to is anything but https://www.anthemfacts.com/ or https://anthem.allclearid.com/ – be very suspicious.
If you have any further questions regarding this bill, email
Nate Gravel – Director of the Information Security Practice at ngravel@gravoc.com
Related articles
PCI SAQ A vs SAQ D: Key Differences, Requirements & How to Choose
Confused about PCI SAQ A vs SAQ D? Learn eligibility, requirements, and how to choose the correct PCI assessment to avoid compliance gaps.
Cyber Risks in Higher Education: Why Universities Need Regular Penetration Testing
We explore cyber risks in higher education and how penetration testing can help universities protect their people, data, and reputation.
Cybersecurity Q&A Series: How to Check if my Business Email Has Been Compromised?
Learn how to check if your business email address has been compromised and what steps to take next to protect your business.