As enrolment for the controversial Affordable Care Act or Obamacare starts today, cybercriminals already had a head start, spewing Obamacare-related spam as early as first weeks of September.
Spam containing the terms “medicare” “enrollment” “medical insurance” started surfacing during the first week of September. Some of these spam variants can be easily recognized as such. However, others appear professional enough to fool some users into opening the email and clicking the links in these messages.
Figure 1. Sample Obamacare spam
Once users click these links, they are lead to nefarious pages, in particular survey scam sites. These sites typically encourage users to disclose certain information by pretending to be consumer survey pages or promising enticing prizes or in this case, Apple products like iPad, iPhone 5 etc.
Figure 2. Sample survey scam page
Given spammers history of shrewdly using noteworthy events (iPhone 5s launch, the birth of the Royal baby), it comes as no surprise that Obamacare-related spam are making headway. Because of Obamacare’s novelty and impact, this may create confusion among American users. Spammers, unfortunately, see this as an opportunity to lure users into their schemes and disclosing personal information such as name, address, email address and the likes. The bad guys can either sell these to other cybercriminals or be used in other, more menacing threats.
For users, it is important to always to double-check email messages and bookmark reputable sites to avoid visiting fake or malicious ones. To know more how spammers and cybercriminals use social engineering and how they earn from your personal information, you may read our report How Social Engineering Works. Trend Micro protects users from this threat by blocking the related spam and websites.