The danger that stems from a major data breach not only comes from the breach itself, but the phishing attempts and scams that happen post-incident. Attackers live by the mantra: never let a bad situation go to waste. There is currently a string of phishing emails being delivered to the general public claiming to be from Anthem, alerting the public about the breach, and attempting to get consumers to enter personally identifying information (PII), such as social security numbers or credit card information.
The website that victims are visiting through the link within the email is not currently known to contain any malicious software or exploits. If you receive an email from Anthem, make sure that the website actually belongs to them. An easy way to tell is to hover over the link within the email. If the url that the link delivers to is anything but https://www.anthemfacts.com/ or https://anthem.allclearid.com/ – be very suspicious.
If you have any further questions regarding this bill, email
Nate Gravel – Director of the Information Security Practice at ngravel@gravoc.com
Related articles
Business Email Compromise: Top BEC Tactics & How to Protect Against Them
We take a look at Business Email Compromise, including common BEC tactics and what your business can do to protect against them.
FFIEC CAT Sunset: Why the CRI Profile is a Strong Alternative
With the FFIEC CAT sunset approaching, we explore why the CRI Profile is a strong alternative to the CAT for financial institutions!
FTC Safeguards Rule Compliance for Auto Dealerships
We’ll go over the FTC Safeguards Rule, what it requires, and how a managed service provider can help auto dealerships stay compliant.