[Nfbf-l] {Spam?} Beware All Who Have Medicare! Increasing amounts of phishing and malware-infected emails

Alan Dicey adicey at bellsouth.net
Mon Oct 13 01:04:29 UTC 2014 

Dear Friends,
I found this on a web site, and thought, since so many of us have Social 
Security Retirement Income, or Social Security Disibility Income (SSDI), and 
therefore Medicare, with the advent of the Medicare open enrollment period 
starting in just a few days, there are increasing amounts of phishing and 
malware-infected emails circulating, and this article would surely be worth 
sharing.
With Best Regards,
God Bless,
Alan
Plantation, Florida
 Please join me on
www.nfblive.org
where through learning, friendship, activities, and growth, together "we can 
live the life we want."

Beware All Who Have Medicare!
Posted on October 12, 2014 by abletec
Please Share

Medicare open enrollment begins on October 15, 2014 and extends through 
December 7, 2014.
Over the past few months, I've noticed a decidedly increasing number of 
emails purporting to be from Medicare premium providers and/or their 
representatives, which has increased to a veritable steady stream toward the 
end of September and beginning of October. I expect the amount to remain 
constant or actually increase somewhat till the period of open enrollment 
ends.
So Why Do Spammers Send these?
There is 1 basic reason these emails are being sent: . . .. money.
So how do the spammers actually get money?
That can happen in several ways.
1) They create a very official-looking website that requests various pieces 
of information in order for you to sign up for a Medicare plan. Such 
information may include:
name,
address,
date of birth,
email, and
possibly even a social security number.
They'll also ask you to create a username and password, which they're 
betting you use on more than 1 site (but you wouldn't do that, right?). If 
you do, and if your email has a web interface (and what email doesn't these 
days?), they could potentially try signing into your email account and 
determine which financial institutions you do business with if you bank 
online. From there, it's a simple matter for them to log into your online 
banking if you use the same password there, or to request a password reset 
if you don't. They may even change your email password, thereby locking you 
out of your email account while they log in to your bank and steal your 
money.
2) They can sell the information gained from you to criminals in underground 
forums, who in turn use it to commit identity and/or financial theft.
3) Their very official-looking website can be poisoned with malware. Once 
infected, your computer could be redirected to various websites in order to 
click on advertisements, and the spammers get paid for each click that 
occurs. Or, the computer could be used as part of a "distributed denial of 
service" (DDOS) attack. In these attacks, computers are formed into networks 
called "botnets", which are under the control of the criminals' 
command-and-control server. Each individual computer in a botnet is called a 
"zombie".
These botnets can then be used to flood legitimate websites, such as 
government or financial institutions with so much traffic that it makes the 
website unusable by legitimate visitors.
So, in essence, your computer is helping criminals do their dirty deeds.
The requesting of personal information with criminal intent is called 
"phishing".
So how do you protect yourself?
The first rule is not to click on any email links you receive. If you wish 
to go to a link, type the link directly into your web browser. So, to go to 
the Medicare site, for example, type:
www.medicare.gov
Also note that legitimate sites will never contact you via email requesting 
information such as passwords, usernames, and social security numbers.
Another thing you can do to see where the email link points to is to 
right-click the link and select 'Copy Link Location' from the context menu 
that appears. In one of the latest spams I received, this is what came up:
falconbeakedjaculationgz.com/kKfa2gTCalk4AaUWSKv-lfG1MpU&sa=D&sntz=1&usg=AFQjCNF3CWaHd-DRqtYQEonewXw5tO0D9A
That truly looks like something that would direct to a Medicare-related 
site, doesn't it? (NOT!)! (
note: the http prefix was eliminated so that the link could not be clicked).
Another thing to do is to look at the 'From"' field of your email address.
In this case, the idiot wasn't even sophisticated enough to try to make you 
think it was coming from some sort of Medicare site-the address was simply
help47ka at falconbeakedjaculationgz dot com
Again note that I've changed the email address so as to not allow it to be 
clicked.
My suggestion is that if you're looking to change your Medicare options, or 
even just explore those available to you, start by going to:
www.medicare.gov
Whatever you do, don't clikc on just any links you receive in emails!

Please Share
I received this information from:

Brighter Vision Technologies

Where Visionaries & Technology Unite for Good

http://brighter-vision.com/2014/10/12/beware-all-who-have-medicare/

More information about the NFBF-L mailing list