With the Affordable Care Act going into effect tomorrow, it’s time to be on the lookout for phishing scams. Phishing is when cybercriminals pose as a legitimate company or agency in an attempt to trick consumers into revealing personal and/or banking information. Cybercriminals will be trying to capitalize on the confusion surrounding the new law to find unsuspecting victims.
Here is how you can protect yourself:
1. Get to know a little more about the new law. The more you know, the less likely you’ll be scammed. Here’s a great, quick video (from whitehouse.gov) that gives the basics about the Affordable Care Act. Then, visit heathcare.gov for more information.
2. Don’t use a search engine. If you’re registering for the Health Insurance Exchange, start with the federal government or state government’s website, not a search engine. Scammers could easily set up what looks to be a legitimate site to gather information. Go to trusted sites, such as those with .gov in the web address to find additional resources and websites. Note: As always, it’s better to type the URL for any new sites yourself rather than following a link that could have been hijacked by cybercriminals.
3. Note any spelling or grammar errors. Misspellings and grammar mistakes could mean it’s a phishing attempt. The government isn’t immune to human error, but they won’t send an email or publish a website riddled with grammar mistakes and typos.
4. Hang up. If you receive a call from an “official agency” saying they need your Medicare, banking, or personal information to secure healthcare coverage, hang up. It’s highly unlikely someone from the government is contacting you directly (when’s the last time the government reached out to you personally? Probably not recently!). And, if the call was from the government, they wouldn’t need to ask you for much, if any, information because they’d have it on file.
5. Delete it. If you receive an email from an “official agency,” don’t respond (see #3 above).
If you really think the call or email could be legitimate, don’t answer any questions right away. Write down the name of the agency and respond to the call/email using a number you looked up yourself. Use the phone book or look up the number on the Internet (using a reliable, trusted website, of course.)
To report phone fraud, visit FTC.gov or call 1-877-FTC-HELP. To report a fraudulent email, send it to phishing-report@us-cert.gov.