When the long-awaited federal and state health insurance exchange websites launched Oct. 1, industry experts everywhere predicted an array of problems — slow load times, inconvenient registration requirements and even site crashes — many of which came true. Now that the dust from the initial pandemonium has settled, it’s clear there’s one big issue with the exchange sites few experts were able to predict: fraud.
So far, most of the fraud has been of the information-gathering variety; consumers are directed to websites almost identical to the federal or state exchange sites and instructed to enter basic information for registration. Some sites even ask consumers to enter financial information, such as credit card or bank account numbers, but according to experts, scammers will take whatever information they can get.
“Scammers go after whatever personal data they can get, including Social Security numbers, credit card numbers, and, in some cases, even security questions and answers,” explains Greg Mancusi-Ungaro, chief marketing officer at BrandProtect, an organization that provides corporations with tools to monitor online activities that misuse or misappropriate corporate brands.
“People tend to choose the same security questions, and the clever scammer will ask those questions and then use that information,” he says.
“They really want to capture any personal data that will either allow them to directly access your bank accounts, or they are after any information that will allow them access to your email account,” adds Dylan Sachs, director of identity theft at BrandProtect.
“If you think about it, if a scammer has access to your email, they’ll now have access to all of your social media profiles, banking information, utilities information, and medical information. Everything you do requires some kind of email address. If the criminal can capture your email, they can dig through your archives to find your bank account or even your Facebook username or password.”
Also read: Target breach spurs ID theft insurance interest
“They can reset your passwords to whatever they like, so then they have access to your entire friends network,” Sachs says. “It’s not just the financial information; they want identity information, too.”
With that information, Mancusi-Ungaro explains, scammers can control your online identity and personalities.
“Once they have that, there’s almost no limit to what they can do,” he says.