The information provided on this website does not, and is not intended to, act as legal, financial or credit advice; instead, it is for general informational purposes only. Information on this website may not be current. This website may contain links to other third-party websites. Such links are only for the convenience of the reader, user or browser; we do not recommend or endorse the contents of any third-party sites. Readers of this website should contact their attorney, accountant or credit counselor to obtain advice with respect to their particular situation. No reader, user, or browser of this site should act or not act on the basis of information on this site. Always seek personal legal, financial or credit advice for your relevant jurisdiction. Only your individual attorney or advisor can provide assurances that the information contained herein – and your interpretation of it – is applicable or appropriate to your particular situation. Use of, and access to, this website or any of the links or resources contained within the site do not create an attorney-client or fiduciary relationship between the reader, user, or browser and website owner, authors, contributors, contributing firms, or their respective employers.
Credit.com receives compensation for the financial products and services advertised on this site if our users apply for and sign up for any of them. Compensation is not a factor in the substantive evaluation of any product.
Emails purportedly sent by health insurance companies and large banks are more likely to be fraudulent than those claiming to be from social media companies, a new research study reveals.
An email that appears to come from a health insurance company is four times more likely to be fraudulent — or two times more likely from a large U.S. bank — than an email ostensibly from a social media company like Facebook, according to Agari’s 2015 study.
Agari, which provides solutions to detect and prevent cyberattacks, analyzed 6.5 billion emails daily last year in nine industries for the study.
The study should make consumers and organizations more aware of the security of their email data and “how they can protect themselves from fraud,” says Patrick Peterson, Agari’s CEO.
The health care industry, which has been hit with massive cybersecurity attacks, has the worst average TrustScore of all industries surveyed, the study says. A TrustScore, based on a zero-to-100 scale, indicates how well organizations protect their consumers from email cyberthreats.
The poor TrustScores of health care companies are in line with an FBI warning last year. According to Reuters, the agency warned health care providers that their cybersecurity systems are lax compared to other sectors, making them vulnerable to hackers targeting American citizens’ medical records and health insurance data.
In February, Anthem, the nation’s No. 2 health insurance carrier, was struck by a cyberattack that exposed sensitive data of up to 80 million customers in all 50 states.
Last July, Community Health Systems, the nation’s second-largest for-profit health system, confirmed that information about 4.5 million patients was stolen in a cyberattack believed to have originated in China.
Agari’s study reports that six of 14 major health insurance companies surveyed had a TrustScore of zero. Aetna, though, was an exception. It had a 100 TrustScore in last year’s third and fourth quarters — “remarkable for a company in any sector,” the study says.
Email attackers targeted banks and other financial institutions more than any other types of company in 2014, but every category of bank surveyed had a low average TrustScore, the study says. The study looked at large and mega banks in the USA and mega banks in Europe.
“European megabanks, whose customers are some of malicious emailers’ most common targets, fared especially poorly,” the study says. They had a TrustScore of 33, the second-lowest of nine industries surveyed.
Large American banks had the third-lowest TrustScore, 36, and American megabanks scored 46. Two U.S. banks — Chase and Capital One — had perfect 100 scores.
Most companies haven’t implemented technology to prevent “cyber criminals from sending messages that appear to come from their domains — a failure that leaves customers vulnerable to phishing attacks,” the study concludes.
The emails from cyber criminals trick people into sharing sensitive information, “leading to identity theft and other crimes,” the study says. “Because victims of phishing attacks often blame the companies they thought sent the forged emails, the attacks also erode the trust companies spend years building with customers.”
Image: iStock
October 19, 2023
Identity Theft and Scams
May 17, 2022
Identity Theft and Scams
May 20, 2021
Identity Theft and Scams