How the Scam Works:
You get an email to your work account that seems to be about your
benefits. It looks official -- and important -- so you open it. The
message contains "urgent news," such as your policy has been
canceled, reduced or suspended.
To fix the situation, the email instructs you to either click on a
link or open an attachment. Don't do it! Clicking the link either
downloads malware to your computer or leads you to a form that
phishes for information. Malware hunts for confidential or banking
information on your machine and opens you and your company up to
In the sample message ABOVE, the scam message claims that
your life insurance policy has been reduced, and you need to click a
link to review the policy changes.
How to Spot a Scam Email:
- Watch for look alike URLs. Be wary of sites that have the
brand name as a subdomain of another URL (i.e. "brandname.scamwebsite.com")
or part of a longer URL (i.e. "companyname
- Hover over URLs in emails to reveal their true destination.
Scammers can make links appear to lead to a legitimate website,
when they really point to a scam site, like the examples above.
[to top of second column]
- Don't open attachments from unfamiliar sources.
Legitimate businesses rarely send unsolicited emails with
attachments. Always confirm an email is real before you
- Consider how the business normally reaches you. Did you
sign up for email alerts from your health insurance provider
or does your HR person typically convey policy updates? A
change from normal communication patterns is likely to be a
- Contact the business or HR department. When in doubt,
call the business's customer support line or your company's
HR department to check the legitimacy of the email. Be sure
to find the phone number on your bill or by a web search --
not the email or website the scammers gave you.
[Better Business Bureau serving