Cyber criminals have come up with a new strategy for getting insurance agents and brokers to click on dangerous links: They convey the idea that they’re insurance industry insiders by referring both to the National Association of Insurance Commissioners and to the NAIC’s Center for Insurance Policy and Research (CIPR).
The NAIC has posted an alert about the NAIC-based phishing strategy at the top of its start page, at http://www.naic.org.
Phishing is the practice of using emails, telephone calls or text messages that “seem real” to get confidential information out of the targets.
“We are aware of a phishing scam targeting insurance producers regarding a falsified insurance claim related to their company that has been submitted to the National Association of Insurance Commissioners,” the NAIC says in its alert. “This fraudulent email displays the NAIC and CIPR logo, currently originates from a Gmail account and asks the recipient to click on a link to download the complaint notification.”
Some antivirus products correctly identify the phishing emails as malicious emails, the NAIC says.
The NAIC is asking producers or others who get the phishing emails to contact the NAIC service desk.