Security Tip of the Week
Turbotax and Anthem Data Breach Scams
It was reported in a survey by Ponemon that in the last year 43% of companies experienced a data breach. Chances are that a company you do business with has had a breach in the last year and these companies have taken steps to contact you.
As a consumer, it is challenging to figure out if an email you might receive is legitimate or a phishing attempt that is disguised as an email from a real company. This tip profiles two sample companies that had recent breaches and the challenges for consumers in determing what emails to pay attention to and how to securely respond to the emails.
Intuit, the company behind the Turbotax software, has reported increased phishing scams targeting customers. Hackers are attempting to steal users' IDs and personal information to file fraudulent tax returns. One way to be certain that you are logging in safely is to avoid clicking on any links provided within emails. Go directly to the secure site [example: https://turbotax.intuit.com] to log in.
A full list of Intuit's security alerts can be found at the following URL: https://security.intuit.com/security-alerts.php
Phishers and phone fraudsters are using the massive data breach reported by the health insurance provider Anthem to steal financial and personal data from consumers. If you receive an email or phone call from someone claiming to be from Anthem, do not give out your personal information. Instead, if you have concerns regarding your account, contact the number on your statement or on the back of your insurance card.
If you receive one of these messages, remember:
- DO NOT click on any links in email.
- DO NOT reply to the email or reach out to the senders in any way.
- DO NOT supply any information on the website that may open, if you have clicked on a link in an email.
- DO NOT open any attachments that arrive with email.
For more information on how to protect yourself from phishing scams, visit: https://www.rochester.edu/it/security/yourself/phishing.html
Reminder that we maintain a Phish Tank at https://www.rochester.edu/IT/security/phishtank/index.html.
If you have any questions about this, you can contact your appropriate IT helpdesk.
Do you have ideas that should be shared as security tips of the week? If so, please send them to UnivIT_SP@ur.rochester.edu.