Credit: Shutterstock
Cyber thieves have learned something about insurance regulation and are trying to use that knowledge to steal money from insurance agents and brokers.
Officials at the Nebraska Department of Insurance warned insurance producers about the "phishing" campaign in a new notice.
The thieves are creating emails that look as if they come from the domains of trusted insurance regulatory organizations, such as the National Insurance Producers Registry's nipr.com domain.
The thieves refer in the emails to invoices for payment that are past due and ask the recipients to click on links to submit payments.
"These messages are fraudulent and were not sent from an official NIPR email address or account," Nebraska department officials said in the email.
Officials at NIPR and insurance departments in other states, such as Delaware and Oklahoma, are sending out similar warnings.
What it means: Phishers are interested enough in hacking insurance producers to know what NIPR is.
The emails: The phishing emails may have "spoofed" headers showing that they come from trusted domains, but links in the emails may connect to sites controlled by the phishers that are in different domains, officials said.
Another sign that an email comes from a phisher is use of a generic greeting, such as "Dear Customer," rather than the recipient's name.
The phishing emails may also contain spelling mistakes, unusual phrasing and warnings that create a sense of urgency, officials said.
© Arc, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to TMSalesOperations@arc-network.com. For more information visit Asset & Logo Licensing.