Phishing scams leveraging Anthem Breach
By now you’ve likely heard about the sophisticated security breach at Anthem health insurance provider. It’s been reported that up to 80 million healthcare records, including social security numbers have been compromised.
What I didn’t realize until recently was the value to criminals of healthcare records. It turns out that healthcare records make it easier to perpetrate identity theft than other methods. What I don’t know is whether that’s because social security numbers are exposed or if there is other data that makes it easier. Regardless, healthcare records get significantly more money per record than credit card records, up to $80 per record. This makes the value of this crime up to $6B.
However, the purpose of this post is not the breach per se. Rather it’s about the phishing emails and phone calls that either the perpetrators or others are engaging in. They have sent out emails that look something like this:
They have also been actively phoning potential victims offering to “help”.
These are scams. Anthem is sending mail via the USPS to effected customers. That is the only method that Anthem is using to contact effected customers.
For more information on the breach and Anthem’s response, see their FAQ.