
Watch out! Spam in the industry

15 January 2020

Early last week, we noticed a large number of rogue emails circulating in the insurance industry. These emails are aimed at retrieving your login information. We would like to tell you how to recognize this spam and what you can do.

Early last week, a large number of ANVA employees received emails from various senders requesting to collaborate on a document. This involved a .PDF document stored in OneDrive. An example of such a request can be found below.

After opening the link, you will be directed to OneDrive. Here you will be asked to enter your e-mail address. There is nothing wrong with this in itself. After this, the relevant document is opened: a .PDF file containing an image and a hyperlink to another page. The link redirects to an insecure website where you are once again asked to enter your username and password. Do not do this!

A targeted attack on the insurance industry?

At first, this seemed like a random spam attack. After contacting some of our industry partners, we learned that the spam attack is much larger than we thought. We see that the spam is expanding rapidly and several organizations already appear to be infected. The attack currently seems to be targeting only the insurance industry. We therefore suspect that this is a deliberate attack on our industry. While we obviously do not know this for sure, we want to at least stay ahead of any escalation.

What can you do?

Inform your organization about this spam attack, for example by sharing this message. Have you received the e-mail in question? If so, do not open it. Have you opened the file but not clicked on the link in the document? Then there is still nothing to worry about. Inform the sender of the spam of the situation so that they can take measures to stop the spread. The sender is probably not aware that this is happening.

Have you found out that spam is being sent from your e-mail address? Then your login details have most likely already fallen into the wrong hands. We advise you to change your password as soon as possible and enable two-factor authentication where possible. We also advise you to contact the person within your organization who is in charge of security, such as a security officer and/or application manager, as soon as possible.

Want to know more?
Contact us