We have received the following notice from BCBS regarding email phishing (pronounced fishing). Therefore we are passing this information on to our clients and non-clients as "being in the know". You may have already been notified by BCBS, then you have this information twice and please pass this information to others you know of who have BCBS accounts.
May 24, 2017
Information Security Alert: Attackers Impersonating BCBS Email Accounts
Our Information Security team has discovered what appears to be the beginning of an email phishing campaign that will be targeting business associates of Blue Cross and Blue Shield of Illinois (BCBSIL).
In this campaign, attackers may impersonate the email accounts of BCBSIL staff (known as “spoofing”) and use them to target our business partners or members. These spoofed emails may be used to send malicious files to compromise the user’s system or to fraudulently obtain confidential information. Since attackers do this outside of our company, we are not able to detect it.
If you have received an email from a BCBS address that is suspicious, do not respond to the email. Instead, save a copy of the email and call the sender using a verified telephone number to either confirm that the email came from them or to report the incident. BCBSIL staff have been instructed on how to route these reported security incidents.
As these incidents are reported, our Information Security team will continue to investigate and take corrective actions. Thank you for your cooperation.
© Copyright 2017 Health Care Service Corporation. All Rights Reserved.