« Is it Spam? This week in 419 (Advanced Fee Fraud) Spam | Main | The Affordable Care Act Will Depend on Secure Access for Success »

Tuesday, 08 October 2013

Is it Spam? This week in Healthcare Fraud email

Taking full advantage of U.S. national attention on the Affordable Care Act, the government shutdown, and the start of enrollment via the official Healthcare Insurance Marketplace, scammers are aggressively representing themselves as affordable alternative healthcare advisors.

Healthcarescam1

The lures in these spam campaigns include promises to explain health care reform, offers to compare your coverage against the non-existent plans they advertise, and promises of low cost and no exclusions based on pre-existing medical conditions. None of these claims or promises, of course, are legitimate. These sites will ask you to share your medical history, personal information, or social security number, or they may ask for enrollment fees. 

According to Stu Sjouwerman, CEO of KnowBe4, scams of these kinds will increase and become more aggressive. Sjouwerman explains that “Tuesday October 1, 2013, marks the first stage of the new health care act. There is going to be an enormous amount of confusion about this law, starting with whether you even need to buy a new policy or not. The bad guys have already figured a dozen ways to scam people”, adding that, “It would not surprise me if completely fake health care exchange websites will be promoted in the coming days.”

My spamtrap shows Stu actually underestimated how quickly scammers would begin healthcare phishing. Several examples of scams of this kind, with these or similar Subject: lines, began appearing on the last days of September.

Healthcare plans for when MediCare Comes Up Short for You

Can you find affordable healthcare in 2013? Check your options.

Health Insurance Plans as Low as $99.00/ Month

Health Insurance is more affordable in 2013

The impersonation sites look very credible. Below and on the left is the official Healthcare.gov site; on the right, a scam site.

Realhealthcaredotgov

 

Healthcarespamsite

October is not only the beginning of ACA healthcare enrollment but also National Cybersecurity Awareness Month (#NCSAM on Twitter).  Both Stu and I encourage you to remember to “STOP. THINK. CONNECT.” When you research or apply for healthcare. Tips to help you avoid falling prey to healthcare scammers:

  • Visit https://www.healthcare.gov directly. You can verify the trustworthiness and legitimacy of the site by examining the SSL certificate.
  • Be skeptical of any email that advertises or promotes “too good to be true” rates. Senior citizens should be particularly skeptical of such claims.
  • Don't be fooled by the use of familiar medical terms (COBRA, Medicare) or familiar healthcare provider brand names on the pages.
  • Use MyWOT or other reputation sites to check the link before you visit.
  • Be skeptical of or investigate the sender address of emails promoting healthcare.

Healthcarespam5

Sjouwerman warns us to "Look for coercive language in the message. Phrases like 'prevent a negative consequence' or 'you will be penalized if you fail to subscribe' are classic social engineering ploys".

When poking around one scam site I encountered a popup urging me to reconsider navigating away from the site. This is sure "tell" that the site is not to be trusted. Close your browser window immediately.

My colleague and friend recently wrote about his frustrating and time consuming visit to HealthCare.gov. This means trouble for you and a greenfield for scammers.

Frustration and impatience are exactly the reactions that scammers will attempt to exploit.

Please, again, remember to STOP. THINK. CONNECT.

Posted at 10:19 AM in Anti-Malware and Anti-phishing, Is it Spam?, Stop Think Connect |

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.

Find me on Mastodon and Facebook

Spotlight Posts

  • FTC's proposed Trade Regulation Rule on Impersonation of Government and Businesses is important for #infosec
    M3AAWG comments on the FTC's proposed rule Trade Regulation Rule on Impersonation of Government and Businesses is available. I was one of the contributors to the comment. In the comment, M3AAWG "suggests additional regulatory solutions and best practices to complement the goals of this rule, such as clarifying the scope of the rule to include the use of domain names in impersonation schemes and the use of technologies that enable impersonation" and the important role that Whois plays in investigating impersonation and fraud. Several reports that my Interisle colleagues and I published are cited in the comment, along with the...
  • Cybercrime Information Center reports sharp increases in phishing attacks, unique domains reported in August-October 2022 time period
    A recent ebb in domain names reported for phishing created some euphoria in the domain industry. With phishing activity, as with tides, ebbs are invariably followed by flows. In their August- October 2022 Quarterly Phishing Activity, the Cybercrime Information Center observed a 40% increase in phishing attacks and a nearly 20% increase in unique domain names reported for phishing.
  • Cybercrime Information Center's YouTube Channel
    My colleagues and I at Interisle have created a YouTube channel to complement the quarterly reporting and studies of cybercrime we host at the Cybercrime Information Center. Our goal is to share, in a few minutes, the findings and insights from our research in a format that's easily accessible and shareable, informative, and entertaining. The inaugural videos provide 2-5 minute summaries of our annual Phishing and Malware Landscape studies. We'll continue to produce videos of our annual studies. If you like what you see, leave us a comment.
  • Malware Landscape 2022: unabated malware growth, continued exploitation of IoT devices
    My colleagues at Interisle and I have published a study, Malware Landscape 2022: A Study of the Scope and Distribution of Malware. The study, which analyzed 2.5 million records of distinct malware events from May 2021 to April 2022 collected by the Cybercrime Information Center, explains what malware was most prevalent, where malware was served from, and what resources criminals used to pursue their attacks.
  • New TLDs are coming #Dangerclose.
    A Domain Name Wire post, Time to pay attention to the next round of new TLDs, begins with an ominous: They’re coming. Eventually. While not as dramatic or enduring as Arnold Schwarzenegger's "I'll be back", the reporter cites policy activity at ICANN as evidence that new TLDs are coming. Eventually. In a September 2019 post, and in response to the ICANN memorandum, Readiness to Support Future Rounds of New gTLDs, I asked, Has enough been done to study and rectify the concentration of security threats in the new TLD space? In that post, I quoted correspondence from ICANN's security advisory...

Search

My Photo

Categories