Insurance and Phishing - Cyber Security Informer

Report Finds 50% of Scattered Spider Phishing Domains Targeted Finance & Insurance

Digital Shadows

JANUARY 22, 2025

Were thrilled to unveil our latest threat landscape report for the finance and insurance sector, offering in-depth analysis of the evolving cyber threats facing this industry. In this industry, a single compromised account can trigger large-scale phishing campaigns, causing reputational damage, financial losses, and regulatory penalties.

Insurance

Insurance Phishing Social Engineering Engineering

‘Tis the Season for the Wayward Package Phish

Krebs on Security

NOVEMBER 4, 2021

Here’s a look at a fairly elaborate SMS-based phishing scam that spoofs FedEx in a bid to extract personal and financial information from unwary recipients. One of dozens of FedEx-themed phishing sites currently being advertised via SMS spam. ” Attempting to visit the domain in the phishing link — o001cfedeex[.]com

Phishing

Phishing Scams Mobile DNS

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Krebs on Security

MAY 24, 2019

The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. based First American is a leading provider of title insurance and settlement services to the real estate and mortgage industries. First American Financial Corp. Image: Linkedin. Santa Ana, Calif.-based billion in 2018.

Insurance

Insurance Banking Identity Theft Scams

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

You’ve probably never heard of “ 16Shop ,” but there’s a good chance someone using it has tried to phish you. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com. The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries.

Phishing

Phishing Passwords Internet Internet

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Krebs on Security

AUGUST 14, 2020

The “RCM” portion of its name refers to “revenue cycle management,” an industry which tracks profits throughout the life cycle of each patient, including patient registration, insurance and benefit verification, medical treatment documentation, and bill preparation and collection from patients.

Ransomware

Ransomware Healthcare Insurance Phishing

UnitedHealth almost doubles victim numbers from massive Change Healthcare data breach

Malwarebytes

JANUARY 27, 2025

Health insurance information: Details about primary, secondary, or other health plans/policies, insurance companies, member/group ID numbers, and Medicaid-Medicare-government payor ID numbers. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. Watch out for fake vendors. Take your time.

Data breaches

Data breaches Healthcare Passwords Insurance

Blind Eagle Targets Colombian Insurance Sector with Customized Quasar RAT

The Hacker News

SEPTEMBER 9, 2024

The Colombian insurance sector is the target of a threat actor tracked as Blind Eagle with the end goal of delivering a customized version of a known commodity remote access trojan (RAT) known as Quasar RAT since June 2024.

Insurance

Insurance Phishing

Top 8 Cyber Insurance Companies for 2022

eSecurity Planet

APRIL 22, 2022

That’s where cyber insurance may be able to help. For that reason, most experts now recognize that a complete cybersecurity strategy not only includes technological solutions aimed at preventing, detecting, and mitigating attacks, it should also include cyber insurance to help manage the associated financial risks. That’s a 29.1%

Cyber Insurance

Cyber Insurance Insurance Marketing Small Business

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

eSecurity Planet

MAY 27, 2021

The explosion of ransomware and similar cyber incidents along with rising associated costs is convincing a growing number of insurance companies to raise the premiums on their cyber insurance policies or reduce coverage, moves that could further squeeze organizations under siege from hackers. Insurers Assessing Risks.

Cyber Insurance

Cyber Insurance Insurance Cyber Attacks Ransomware

What you should know when considering cyber insurance in 2023

CSO Magazine

DECEMBER 6, 2022

As the frequency and severity of ransomware, phishing, and denial of service attacks has increased, so has demand for cyber insurance. billion in direct written premiums were recorded in 2021, a 61% increase over the prior year, according to an October 2022 memorandum from the National Association of Insurance Commissioners.

Cyber Insurance

Cyber Insurance Insurance Phishing Ransomware

GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks

The Hacker News

OCTOBER 11, 2024

A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. "In

Phishing

Phishing Insurance Malware Software

Cybercriminals Using EvilProxy Phishing Kit to Target Senior Executives in U.S. Firms

The Hacker News

OCTOBER 9, 2023

-based organizations are being targeted by a new phishing campaign that leverages a popular adversary-in-the-middle (AiTM) phishing toolkit named EvilProxy to conduct credential harvesting and account takeover attacks.

Phishing

Phishing Financial Services Insurance Banking

Policyholders may be the primary target in hack of cyber insurance provider CNA

SC Magazine

MARCH 24, 2021

Insurance firm CNA Financial, a prominent provider of cyber insurance, confirmed a cyberattack against its systems, which has some concerned that cybercriminals may target policyholders. They could also phish certain policyholders. (Antoine Taveneaux, CC BY-SA 3.0 link] , via Wikimedia Commons).

Cyber Insurance

Cyber Insurance Insurance Hacking Ransomware

Smashing Security podcast #223: Booze, nudes, and insurance dudes

Graham Cluley

APRIL 14, 2021

Should insurance companies be banned from helping companies pay ransomware demands? All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley … Continue reading "Smashing Security podcast #223: Booze, nudes, and insurance dudes".

Insurance

Insurance Ransomware Malware Phishing

4 ways businesses can save money on cyber insurance

Malwarebytes

JULY 10, 2022

Without cyber insurance , you can expect to pay a dizzying amount of cash. In 2022 alone, the average cost of a data breach for businesses under 1,000 employees was close to $3 million—and these costs are coming from activities that cyber insurers typically cover, such as detecting and responding to the breach. Fixed rate.

Cyber Insurance

Cyber Insurance Insurance Data breaches Phishing

BazarCall Ransomware warning to all insurance firms

CyberSecurity Insiders

JULY 12, 2022

A Ransomware called BazarCall seems to target Insurance agents and clients and so Insurance specialist CFC has issued a warning to the companies into similar business and operating across the globe to step-up their defense-line against malware attacks, by proactively taking adequate measures.

Insurance

Insurance Ransomware Backups Malware

UK sees 35% increase in mobile phishing exposures – Global State of Mobile Phishing Report

IT Security Guru

MARCH 1, 2023

Mobile phishing is an issue plaguing the masses and a growing concern for enterprises, particularly as 2022 had the highest percentage of mobile phishing encounter rates ever, according to Lookout ‘s Global State of Mobile Phishing report. have been exposed to at least one malicious phishing attack every quarter.

Mobile

Mobile Phishing Financial Services Insurance

Sperm bank breach deposits data into hands of cybercriminals

Malwarebytes

MARCH 19, 2025

Social Security Numbers (SSN) Health insurance information CCB is posting lettersalong the lines of this California example to everyone who may be impacted. Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device cant be phished. Watch out for fake vendors.

Banking

Banking Data breaches Computers and Electronics Passwords

Cyber Liability Insurance – What You Need to Know

Duo's Security Blog

MAY 23, 2022

Cyber liability insurance can be a lifeline in the event of a major incident or breach. million per year , resulting in cyber insurance premiums jumping up by 50-100%. No doubt, cyber insurance is a hot topic right now. The unfortunate reality is that cyber insurance is becoming a necessity for organizations big and small.

Insurance

Insurance Cyber Insurance Data breaches Backups

Phishers Target Anti-Money Laundering Officers at U.S. Credit Unions

Krebs on Security

FEBRUARY 8, 2019

A highly targeted, malware-laced phishing campaign landed in the inboxes of multiple credit unions last week. One of the many variations on the malware-laced targeted phishing email sent to dozens of credit unions across the nation last week. Secret Service to financial institutions nationwide.

Phishing

Phishing Insurance Scams Banking

Cyber insurer launches InsurSec solution to help SMBs improve security, risk management

CSO Magazine

APRIL 20, 2023

Cyber insurance provider At-Bay has announced the launch of a new InsurSec solution to help small-to-mid sized businesses (SMBs) improve their security and risk management postures through their insurance policy. The emergence of InsurSec technology reflects a cyber insurance landscape that has seen significant change recently.

Cyber Insurance

Cyber Insurance Insurance Risk CISO

How security pros, the insurance industry, and regulators can combat ransomware

SC Magazine

APRIL 19, 2021

AIG is one of the top cyber insurance companies in the U.S. Today’s columnist, Erin Kennealy of Guidewire Software, offers ways for security pros, the insurance industry and government regulators to come together so insurance companies can continue to offer insurance for ransomware. eflon CreativeCommons CC BY 2.0.

Insurance

Insurance Cyber Insurance Ransomware InfoSec

Healthcare security lapses keep piling up

Malwarebytes

FEBRUARY 21, 2025

Insurance companies have shown that their interest in buying specific medical information, like prescriptions that identify medical conditionssuch as HIV, cancer, or psychiatric disorders. Cybercriminals can use PHI against affected individuals to phish or extort them. 2FA that relies on a FIDO2 device cant be phished.

Healthcare

Healthcare Data breaches Passwords Phishing

Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform

Security Affairs

OCTOBER 4, 2023

Threat actors exploited an open redirection vulnerability in the job search platform Indeed to carry out phishing attacks. Researchers from the cybersecurity firm Menlo Security reported that threat actors exploited an open redirection vulnerability in the job search platform Indeed in phishing attacks. ” continues the report.

Phishing

Phishing Insurance Manufacturing Banking

100 million US citizens officially impacted by Change Healthcare data breach

Malwarebytes

OCTOBER 25, 2024

The Office for Civil Rights (OCR) at the HHS confirmed that it prioritized and opened investigations of Change Healthcare and UnitedHealth Group, focused on whether a breach of protected health information (PHI) occurred and on the entities’ compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Rules.

Healthcare

Healthcare Data breaches Passwords Identity Theft

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Krebs on Security

JULY 24, 2018

Hackers used phishing emails to break into a Virginia bank in two separate cyber intrusions over an eight-month period, making off with more than $2.4 Now the financial institution is suing its insurance provider for refusing to fully cover the losses. million total. THE LAWSUIT.

Banking

Banking Insurance Computers and Electronics Cyber Insurance

Exploring influences on SSC grades for insurance companies

CyberSecurity Insiders

JANUARY 19, 2022

There are more online stores and services available than ever, and you are able to shop for almost anything online whether it's groceries or insurance. In particular, insurance companies are tempting targets for cybercriminals as they hold personal and financial information for numerous clients. The vocabulary of cybersecurity.

Insurance

Insurance Cybercrime Cybersecurity Phishing

23andMe bankruptcy: How to delete your data and stay safe from the 2023 breach

Malwarebytes

MARCH 25, 2025

That has worried some experts who have pointed out that a new owner could, for instance, hand over customer data to insurance companies to hike up monthly premiums, or to data brokers to power increasingly invasive, targeted advertising. Some forms of two-factor authentication (2FA) can be phished just as easily as a password.

Passwords

Passwords Accountability Data breaches Phishing

Cybercriminals Target Senior U.S. Executives Using EvilProxy Phishing Kit

Heimadal Security

OCTOBER 25, 2023

Threat actors use EvilProxy phishing-as-a-service (PhaaS) toolkit to target senior executives in the U.S. in massive phishing campaigns. It mainly targets companies in the banking, financial services, insurance, real estate, and manufacturing sectors.

Phishing

Phishing Financial Services Insurance Manufacturing

New Phishing Campaigns from Scattered Spider Target Finance and Insurance Industries

Penetration Testing

MAY 12, 2024

The notorious cybercriminal group, Scattered Spider, previously known for high-profile attacks on MGM and Caesars, has now broadened its scope to aggressively target the finance and insurance industries, according to a recent report from... The post New Phishing Campaigns from Scattered Spider Target Finance and Insurance Industries appeared (..)

Insurance

Insurance Phishing Penetration Testing

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Krebs on Security

NOVEMBER 19, 2021

Naturally, a great deal of phishing schemes that precede these bank account takeovers begin with a spoofed text message from the target’s bank warning about a suspicious Zelle transfer. Ken Otsuka is a senior risk consultant at CUNA Mutual Group , an insurance company that provides financial services to credit unions.

Scams

Scams Banking Passwords Authentication

Top Cybersecurity Trends to Watch Out For in 2025

Centraleyes

DECEMBER 16, 2024

We are seeing increased use of AI to automate attacks, including malware generation and phishing campaigns. Insurance Becomes a Necessity The rise of high-profile cyberattacks has led to increased demand for cyber insurance. Ensuring visibility, control, and data protection across these environments will be paramount.

Cybersecurity

Cybersecurity Insurance Cyber Insurance Technology

A week in security (January 13 – January 19)

Malwarebytes

JANUARY 20, 2025

Welcome to 2025 Stay safe!

Insurance

Insurance Phishing Advertising Malware

GUEST ESSAY: The Top 5 online privacy and data security threats faced by the elderly

The Last Watchdog

JUNE 9, 2022

And, let’s be honest , the deceptive writing phishing assaults and other cyber threats today employ are skilled enough to fool even the most trained, internet-savvy experts. Phishing emails and messages may appear from a company you’re familiar with or trust, and they can appear to be from a credit card company or a bank.

Identity Theft

Identity Theft Scams Insurance Internet

How MFA and Cyber Liability Insurance Effectively Manage Risk in Higher Education

Duo's Security Blog

OCTOBER 18, 2021

One area where campuses have been collaborating recently are changes around cyber liability insurance for higher education, an opportunity for campus cybersecurity teams to combine forces with their risk management team. In a recent Duo blog post, we gave an overview of cyber liability insurance.

Insurance

Insurance Education Risk Cyber Insurance

Spam and phishing in Q3 2021

SecureList

NOVEMBER 1, 2021

million redirects to phishing pages. The “customer” was asked first to provide personal information: passport, phone, medical policy, insurance numbers and date of birth, and then to enter their card details to pay for the purchase. Statistics: phishing. Geography of phishing attacks. Top-level domains.

Phishing

Phishing Scams Accountability Computers and Electronics

BayMark Health Services sends breach notifications after ransomware attack

Malwarebytes

JANUARY 10, 2025

Some forms of two-factor authentication (2FA) can be phished just as easily as a password. 2FA that relies on a FIDO2 device cant be phished. Phishing attacks often impersonate people or brands you know, and use themes that require urgent attention, such as missed deliveries, account suspensions, and security alerts.

Ransomware

Ransomware Data breaches Passwords Phishing

BlindEagle Targets Colombian Insurance Sector with BlotchyQuasar

Security Boulevard

SEPTEMBER 5, 2024

BlindEagle’s primary method to gain initial access to the targets’ systems is through phishing emails. Figure 2: Example BlindEagle phishing email spoofing DIAN with a PDF attachment and malicious link in the email body.The download URL directs the victim to a password-protected ZIP archive. gov.co" top-level domain.

Insurance

Insurance Phishing Banking Encryption

New Report Benchmarks Phishing Risks Across Industries and Regions

SecureWorld News

AUGUST 4, 2023

Phishing remains one of the top cyber threats faced by organizations, and as phishing scams become more sophisticated, security leaders need clearer insights into phishing risks across their industry and geography to prioritize defenses. million users across more than 35,000 global organizations that use KnowBe4's platform.

Phishing

Phishing Risk Security Awareness Retail

Experts: Breach at IT Outsourcing Giant Wipro

Krebs on Security

APRIL 15, 2019

“The company has robust internal processes and a system of advanced security technology in place to detect phishing attempts and protect itself from such attacks. “The buyers were state-owned Life Insurance Corporation of India (LIC), New India Assurance and General Insurance Corporation. “A total of 44.4

Insurance

Insurance Healthcare Technology Cyber threats

New AI “agents” could hold people for ransom in 2025

Malwarebytes

FEBRUARY 4, 2025

Generative AI tools can more convincingly write phishing emails so that the tell-tale signs of a scamlike misspellings and clumsy grammarare all but gone. Cybercrime is a very mature field that relies on a set of well-established tools, such as phishing, information stealers, and ransomware that are already feature complete.

Artificial Intelligence

Artificial Intelligence Small Business Malware Technology

BlindEagle APT Targets Colombian Insurance with BlotchyQuasar RAT

Penetration Testing

SEPTEMBER 8, 2024

Cybersecurity researchers at Zscaler ThreatLabz have uncovered a new wave of attacks by the BlindEagle APT group, this time zeroing in on the Colombian insurance sector. Utilizing phishing emails masquerading... The post BlindEagle APT Targets Colombian Insurance with BlotchyQuasar RAT appeared first on Cybersecurity News.

Insurance

Insurance Phishing Cybersecurity Malware

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

eSecurity Planet

MARCH 17, 2025

Since its emergence in 2021, Medusa has targeted over 300 victims across various critical infrastructure sectors, including medical, education, legal, insurance, technology, and manufacturing. What is Medusa ransomware?

Ransomware

Ransomware Backups Firmware Insurance

Top 10 Cybersecurity Trends to Expect in 2025

Hacker's King

DECEMBER 24, 2024

AI-powered malware and phishing schemes can adapt to defenses in real time, making them harder to detect and counter. Expansion of Cyber Insurance As cyberattacks grow in frequency and scale, the demand for cyber insurance will surge. Organizations must invest in advanced AI-based security tools to stay ahead.

Cybersecurity

Cybersecurity Cyber Insurance IoT Insurance

Report Finds 50% of Scattered Spider Phishing Domains Targeted Finance & Insurance

‘Tis the Season for the Wayward Package Phish

Trending Sources

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Karma Catches Up to Global Phishing Service 16Shop

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

UnitedHealth almost doubles victim numbers from massive Change Healthcare data breach

Blind Eagle Targets Colombian Insurance Sector with Customized Quasar RAT

Top 8 Cyber Insurance Companies for 2022

Cyber Insurers Pull Back Amid Increase in Cyber Attacks, Costs

What you should know when considering cyber insurance in 2023

GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks

Cybercriminals Using EvilProxy Phishing Kit to Target Senior Executives in U.S. Firms

Policyholders may be the primary target in hack of cyber insurance provider CNA

Smashing Security podcast #223: Booze, nudes, and insurance dudes

4 ways businesses can save money on cyber insurance

BazarCall Ransomware warning to all insurance firms

UK sees 35% increase in mobile phishing exposures – Global State of Mobile Phishing Report

Sperm bank breach deposits data into hands of cybercriminals

Cyber Liability Insurance – What You Need to Know

Phishers Target Anti-Money Laundering Officers at U.S. Credit Unions

Cyber insurer launches InsurSec solution to help SMBs improve security, risk management

How security pros, the insurance industry, and regulators can combat ransomware

Healthcare security lapses keep piling up

Phishing campaign targeted US executives exploiting a flaw in Indeed job search platform

100 million US citizens officially impacted by Change Healthcare data breach

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Exploring influences on SSC grades for insurance companies

23andMe bankruptcy: How to delete your data and stay safe from the 2023 breach

Cybercriminals Target Senior U.S. Executives Using EvilProxy Phishing Kit

New Phishing Campaigns from Scattered Spider Target Finance and Insurance Industries

The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back

Top Cybersecurity Trends to Watch Out For in 2025

A week in security (January 13 – January 19)

GUEST ESSAY: The Top 5 online privacy and data security threats faced by the elderly

How MFA and Cyber Liability Insurance Effectively Manage Risk in Higher Education

Spam and phishing in Q3 2021

BayMark Health Services sends breach notifications after ransomware attack

BlindEagle Targets Colombian Insurance Sector with BlotchyQuasar

New Report Benchmarks Phishing Risks Across Industries and Regions

Experts: Breach at IT Outsourcing Giant Wipro

New AI “agents” could hold people for ransom in 2025

BlindEagle APT Targets Colombian Insurance with BlotchyQuasar RAT

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

Top 10 Cybersecurity Trends to Expect in 2025

Stay Connected