Phishing Scams Take Advantage of Anthem Inc. Data Breach

This blog recently reported on the massive data breach at Anthem Inc., the second largest provider of health insurance in the country. The data breach, which forensic investigators are now reporting could have begun as early as April of last year, has the potential to affect over 50 million people currently insured through Anthem or one its subsidiaries. In response to this breach, Anthem has sent out many emails to customers explaining the breach, the nature of the information obtained by the hackers responsible for the attack, and what these customers can do to protect themselves from additional exposure. In an official statement issued once the breach was made public, Anthem insists that it will notify all affected customers by mail to describe exactly what protections are being offered.

Unfortunately, this hasn’t stopped scammers from trying to capitalize on this tragic data breach. Multiple phishing emails have already been spotted in the wild that look like an official communication from Anthem. In this email, customers are offered one year of free credit monitoring as a result of the breach if they click on the link embedded within the email. At the time of this writing, this blog has been unable to obtain a copy of the fake email and as such, do not know where the link actually leads.

That said, Anthem has already confirmed that the email is not genuine and the link likely leads to a malicious site designed to extract even more information from potential victims.

Anthem also confirmed (in another statement) that it is aware of a large number of phone scams associated with the breach as well. It appears that criminals are cold calling people in an attempt to gain more information, although at this time it isn’t 100% clear if the data stolen from the breach has fallen into the hands of these scammers or if it is a random attempt to capitalize on news of the breach.

anthem phishing emails

Anthem has gone on record stating that “These emails and calls are not from anthem and no notifications have been sent from anthem since the initial notification on Feb. 4, 2015”. While it still could be a few weeks before actual Anthem notifications begin arriving to affected customers via snail mail, security experts agree that these email and phone scams will continue to be a popular tactic for scam artists and may even increase in frequency as awareness of the breach grows.

If you are someone you know are a current or former Anthem customer, keep in mind that any emails or phone calls are NOT legitimate and should be disregarded immediately.

Links embedded within these rogue emails are likely to bring victims to phishing sites created to extract additional information or to use drive-by download techniques to install malware on the PC. To protect yourself, immediately delete any emails purportedly from Anthem and do not provide any personal information via the phone should be contacted by an “Anthem” representative.

▼ Show Discussion

About the author:

Karolis Liucveikis

Karolis Liucveikis - experienced software engineer, passionate about behavioral analysis of malicious apps.

Author and general operator of PCrisk's "Removal Guides" section. Co-researcher working alongside Tomas to discover the latest threats and global trends in the cyber security world. Karolis has experience of over five years working in this branch. He attended KTU University and graduated with a degree in Software Development in 2017. Extremely passionate about technical aspects and behavior of various malicious applications. Contact Karolis Liucveikis.

PCrisk security portal is brought by a company RCS LT. Joined forces of security researchers help educate computer users about the latest online security threats. More information about the company RCS LT.

Our malware removal guides are free. However, if you want to support us you can send us a donation.

About PCrisk

PCrisk logo

PCrisk is a cyber security portal, informing Internet users about the latest digital threats. Our content is provided by security experts and professional malware researchers. Read more about us.

Malware activity

Global malware activity level today:

Medium threat activity

Increased attack rate of infections detected within the last 24 hours.

Virus and malware removal

This page provides information on how to avoid infections by malware or viruses and is useful if your system suffers from common spyware and malware attacks.

Learn about malware removal