Crooks Taking Advantage of US Gov’t Shutdown, Obamacare
While the government seems to think it’s OK to take a vacation at the taxpayer’s expense, cybercriminals are taking this silly holiday as a means to reel distraught Americans into forking over their personal information. Two separate methods have been uncovered by Symantec and Trend Micro, one that focuses on related clearance sales of vehicles, and another that focuses on the Health Insurance Exchange websites.
For starters, Symantec reports that the Symantec Probe Network has detected a large number of email scams using the government shutdown theme, most of which center around clearance sales of cars and trucks. By clicking on the included URL, unsuspecting shoppers looking for a good deal are directed to a website providing the bogus offer.
Symantec reports that these email messages are using random headers in order to evade spam filters. That means cybercrooks are able to slip into the main inbox folder to present their bogus deals. Web surfers are advised to keep an eye out for the following subjects: “Half-off our autos for each day the US Govt is shut down” and “Get half off MSRP on new autos for each day of govt. shut down”. Sender addresses include shut.down, short.term, very.limited and limited.event.
Trend Micro paints a scarier picture. However for starters, we need to set the stage first. President Obama’s Affordable Care Act (Obamacare) began on Monday, and includes Health Insurance Exchange websites for Americans to sign up for healthcare coverage themselves rather than through their employer. This batch of portals includes one provided by the federal government, and one provided within each state. Then within each state, there can also be legitimate third-party sites that provide assistance and even broker coverage.
Therein lies the problem. At this time, all of these sites supposedly have no official markings certifying them as government-backed websites. Even more, the state and third-party sites aren’t even required to provide the ability to verify the site using SSL: many don’t even use SSL for verification at all save for the Federal portal. That said, insurance shoppers will be faced with thousands of sites claiming to be legit Affordable Act Care portals.