Warning: Anthem data breach used as lure in Phishing campaigns

Emails used to harvest personal information and credentials

security phishing hook
Credit: Thinkstock

Hours after the nation's second largest health insurer announced that they've suffered a data breach that could impact millions of people; criminals started sending Phishing emails related to the incident, seeking personal information, as well as usernames and passwords.

The volume of scam email has reached such a level that even Anthem themselves are warning consumers to remain vigilant.

According to Anthem's alert, current and former Anthem members are being targeted by crooks in an attempt to capture personal information and other details such as usernames and passwords.

XSS has seen the Anthem Phishing email from three different sources, a screenshot of the email is posted below. At a glance, the email looks legitimate – except for one large mistake.

anthem phishing email example

The message itself states:

"We wanted to make you aware of a data breach that may have affected your personal health information and credit card data. The data which was accessed may impact clients who made credit or debit card payments for healthcare or who got treatment during the year 2014.

"Your trust is a top priority for Anthem, and we deeply regret the inconvenience this may cause. The privacy and protection of our client's health care information is a matter we take very seriously and we are working diligently to resolve the incident. To subscribe to a free year of credit card account protection please click on the link below and follow the instructions that will be required:"

There are several grammatical errors in the message formatting and wording; however the key phrase that proves this email is a criminal attempt to access your personal information centers on credit cards.

None of the data at Anthem that was compromised is financial, something the company pointed out immediately when they disclosed the breach.

This email, and others like it, are a perfect example of criminals jumping on the bandwagon of a trending news story in order to propagate their scam.

Anthem says that there is no proof that those responsible for the Phishing attack are the same ones responsible for the breach, and they're correct – because the person(s) responsible for the breach already have the data they were after.

It's important to remember that Anthem will not email you about this breach and ask for additional information. On that note, they wouldn't call you either – so phone calls are also scams.

"Anthem will contact current and former members via mail delivered by the U.S. Postal Service about the cyber attack with specific information on how to enroll in credit monitoring. Affected members will receive free credit monitoring and ID protection services," the company said in a statement regarding the Phishing emails.

Update: The email subject in at least one of the emails circulating is "Cyber Attack Against Anthem."

XSS is attempting to gather additional information on other variants reported to have started circulating over the weekend, so far there is confirmation on this.

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
Insider: Hacking the elections: myths and realities
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.